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Abstract. We refine HO/N game semantics with an additional notion of pointer (mu- 
pointers) and extend it to first-order classical logic with completeness results. We use a 
Church style extension of Parigot's lambda-mu-calculus to represent proofs of first-order 
classical logic. 

We present some relations with Krivine's classical realizability and applications to type 
isomorphisms. 



Game interpretations of logic and programming languages have been initially developed 
on the logic side (for example [Lor60] for intuitionistic logic). From the beginning of the 
90s, most of the attention has been turned to programming languages with the introduction 
of game semantics |AJM00l IHOOOl IJNic94l IMcC96l IHar99] . 

Our goal is to develop a game model of first-order classical logic based on the HO/N 
model (more precisely its "classical" version presented in [Lai97| which relaxes the bracket- 
ing condition). We have to work between the model of the A-calculus presented in [DHR96 
(which is fully complete for the A-calculus and thus not general enough to allow for the 
interpretation of classical features) and the model of [Lai97j where the use of answers might 
allow for too general behaviours (from the logical point of view). The difference between 
these two models can be figured out by looking at the interpretation of atoms: [DHR96J 
uses a one-move game, while |Lai97j uses a two-moves game. The key ingredient will be 
the introduction of additional fi-pointers in the model of [DHR96J (together with the usual 
justification pointers, or A-pointers). The extension of the one-move model allows for the 
interpretation of classical logic (and not only the A-calculus). 

Game models provide accurate interpretations of logical systems and programming 
languages as given by full completeness results (any element of the model acting on the in- 
terpretation of a formula/type is the interpretation of a proof/term). A natural companion 

1998 ACM Subject Classification: F.3.2, F.4.1, F.3.3. 
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property is faithful completeness (two different syntactic objects have different interpreta- 
tions). When both are satisfied, the distinction between syntax and semantics becomes 
almost irrelevant as sugg ested by Girard [Gir99| . 

To be slightly more precise, we say that a denotational model is equivalence complete 
if it is fully and faithfully complete, and if each object of the model is isomorphic to the 
interpretation of a formula/type. That is, if the interpretation functor into the model defines 
an equivalence of categories between the syntactic category and the model. 

We will show how the appropriate notion of canonical form for a Church style first-order 
extension of Parigot's A//-calculus [Par92] together with our first-order game model give an 
equivalence completeness result. This is the main theorem of this paper. 

Starting from the first-order case, we derive a few (known and new) models for different 
sub-systems. We also study the relation between our one-move model with ^-pointers and 
the two-moves model (in the setting of propositional logic). Here is a summary of the main 
game models considered in the paper: 



atomic 


propositional 


propositional 


propositional 


first-order 


games 


(simply typed) 


NJ/A-calculus 


N K/ A/i-calculus 


logic 




A-calculus over 1 atom 








1 move 


[DHR96J 


Section 13.21 


Section 13.31 


Section [2] 


2 moves 


[HO001 INic94j 


Section 13.31 


|Lai97j 


end of Section 13.31 


structures 


A-pointers 


atomic labels 


//-pointers 


first-order labels 


used here 








instantiations 



There are equivalence completeness results underlying all these models. 

Following the method developed in [Lau05a| . we apply our game model to the purely 
syntactic problem of characterizing the type isomorphisms of call-by-name first-order clas- 
sical logic. This is a new result in the topic of type isomorphisms. 



We end the paper with the presentation of a close relation between game semantics and 
Krivine's classical realizability [Kri06]. This is important for two reasons. First, the idea of 
introducing /i-pointers in the one-move game models came from an analysis of the interpre- 
tation of proofs through Krivine's realizability. Second, game semantics and realizability 
are two of the most important tools developed along the Curry-Howard correspondence to 
relate logic and computer science and to derive computational interpretations of proofs. 
Being able to conciliate these two approaches is a very pleasant thing. 

In this paper we focus on the logical aspects of game semantics. However games are 
also a crucial tool in the study of the semantics of programming languages. The A-- 
calculus appears as a natural bridge since it is known to provide both a term syntax for 
proofs in classical logic and a foundation for functional programming languages with control 
operators. The link between games and realizability, which is presented here, offers another 
bridge between games and the theory of programming languages. 

Related works. The game setting developed in |Lor60[ IFel85] is quite similar to our proposal 
concerning the notion of play (and view). However it is done in an intuitionistic setting 
and without any particular interest for the composition of strategies which is at the core of 
HO/N games. In this line of work, Coquand |Coq9 5 has explicitly worked on composition 
and in a classical setting but in relation with a quite different syntactic system: Novikoff 's 
calculus. Finally Herbelin [Her97] (following Coquand) and Laird [Lai97] (following HO/N) 
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arrived to a meeting point by giving a fully complete game model for a classical extension 
(d la A/i- calculus) of PCF, that is without propositional variables or quantification. 

A key ingredient which is new with respect to those works is the notion of //-pointer. 
It happens that they appear to be a particular case of the contingency pointers introduced 
by Laird for local exceptions [LaiOl]. 

A more algebraic approach (by means of generators and relations) to game semantics 
for first-order quantification is developed in [Mim09]. The underlying logic is very basic: 
linear and without propositional connectives. 
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1. Notations and used languages 

1.1. First-order logic. In the whole paper, we consider a fixed first-order language C, 
that is a countable set of function symbols (with given arities), denoted by /, g, ... and 
a countable set of relation symbols (with given arities), denoted by X, Y, ... (arities are 
natural numbers). We assume given a countable set of first-order variables V, denoted x, 
V, ••• 

To clarify the different uses we will have of first-order variables and of first-order terms, 
we consider the set of variables V as the disjoint union of three countable sets of variables: 
^.-variables, O-variables and P-variables. And we assume given an enumeration (oj)j g N of 
O- variables. 

First-order terms are defined as: 

t ::= x | ft 

where function application respects the arity of symbols. 

As sub-classes, we will use *4P-terms (first-order terms built from A- variables and 
"P-variables only) and OP-terms (first-order terms built from O-variables and P-variables 
only). This will be done in the spirit of Barendregt's convention [Bar84[ 2.1.13 page 26]: 
different names are used for different purposes (see in particular Section [2]). .4- variables 
will be used for bound occurrences in types/formulas and arenas, O-variables for bound 
occurrences in A/^-terms and strategies and P-variables for free occurrences. 

Formulas are defined as: 

A ::= T | _L \ Xt\ A A \ A A A \ MxA 

where relation application respects the arity of symbols, x is an „4-variable and t are ^IP- 
terms. 

An atomic formula is Xt\ . . . t^, T or _L, denoted R, S, ... If it is neither T nor _L it is 
a non- constant atomic formula. 

The (now quite popular [KriOH ISelOll ILau04j ) restriction of the set of connectives to 
the so-called "negative" ones is what makes the framework much easier to manage. Note 
that the other connectives are easy to define from their negative dual by means of negation 
(for example 3xA = (\/x{A — > _L)) — > _L). 

1.2. Church style A/i-calculus for first-order logic. In order to describe proofs in first- 
order classical logic, we use (according to the Curry-Howard correspondence) a Church style 
extension of Parigot's A/i-calculus |Par92| with abstraction and application for first-order 
universal quantification. First-order formulas are used as types. 

Given two disjoint countable sets of variables (A- variables, denoted a, b, ... and fi- 
variables, denoted a, /3, ...), the corresponding A/i-terms are: 

M ::= a \ Xa.M | (M)M j (M, M) \ Tt x M \ ir 2 M \ * | [a]M \ fia.M | Ax.M | M{t} 

where x is an O-variable and t is an OP-term. We use the simplified notation [ia[f3]M 
instead of fia.[f3]M when these two constructions come together. 

A/^-terms are considered up to a-equivalence for A-variables bound by A, /x-variables 
bound by n and O-variables bound by A. We consider only A^-terms without free O- 
variables (Barendregt's convention). A A^-term is closed if it contains neither free A- 
variables nor free \x- variables (it may contain free P-variables). 
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T,a : Ah M : B \ A V h M : A -> B I A ThN:A\A 



T,a: Ah a: A \ A rh XaM . A ^ B \ A r |_ ( M ) ^ . £ | A 

rhM:i| A r h N : £ | A r h M : Ai A A 2 | A 



r h ★ : T A 



r h (M, N) : A A B \ A T h vr^M : Aj | A 

rhM:i| A,a:i f h M : _L | A, a : A 



r h [a]M : _L | A, a : A T h /xa.M : A | A 

r h M[ y / Z ] : A[ y / X ] I A J r h M : VxA I A 
— y ^ T, M, A, A — ^r-j — J — 



r h Az.M : VxA | A " ^ ' ' ' T h M{t} : A[ l / x \ \ A 

x is an A- variable, y is a T 7 - variable and z is an 0- variable. 



Table 1: Typing rules for the first-order A/i-calculus 

Typing judgments are of the shape r h M : A \ A where T is a set of typing declarations 
for distinct A-variables (i.e. pairs a : A) and A is a set of typing declarations for distinct 
/x- variables (i.e. pairs a : A). The derivation rules for this system are given in Table [TJ 

Through the Curry-Howard correspondence, type inhabitance corresponds to provabil- 
ity. 

Proposition 1.1 (Provability). The formula A is provable in first-order classical logic if 
and only if there exists a closed \\x-term M such that h M : A \ is derivable. □ 

The equality between proofs is the congruence generated by the equational theory (3rjfip8 
on typed A/U-terms given in Tabled 



1.3. The syntactic category. The syntactic category S has objects given by types and 
morphisms from A to B obtained by quotienting the set of closed A/i-terms of type A — > B 
by the congruence generated by finppQ. The identity morphism is the equivalence class of 
the A/x-term Xa.a of type A — > A. The composition of two equivalence classes containing 
M : A -> B and N : B ->• C is the class of Xa.(M)(N)a : A ->• C (a <£ M, a £ N). 

In order to simplify our work in the rest of the paper, we are going to move from the 
syntactic category to an equivalent one. 

Concerning formulas, we first define — ^-canonical forms (non-terminal Q in Tabled]): 

Vx(Qi -> > Qfc -> R) 

with R atomic but different from T (called the final atom of the formula) and the QjS in 
— ^--canonical form. Then canonical forms are: 

A Vf(Ql^---^£4 ->#<) 

l<i<n 

with n > (where Ai<i<o Qi = T ' Ai<*<i Qi = Qi and Ai<».<„+i Qi = (Ai<i< n Qi) A 
Qn+i), with the \/x(Q\ —>••••—>• Qjj,. — > i? l )s in — ^-canonical form. This corresponds to the 
non-terminal C in the grammar of Table |H 
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(Xa.M)N 


= /9 


M[ N / a ] 


A 


Xa.(M)a 


= V 


M 


A^ B 


ki{M,N) 


=P 


M 


A 


7T 2 (M,N) 


=P 


N 


A 


(vTiM, 7T 2 M) 


= v 


M 


A A B 




= v 


M 


T 


(Ax.M){t} 


=P 


ATp/ x ] 


A 


Ax.M{x} 


= v 


M 


VxA 


(fia.M)N 


= M 


tia.M[M(m/ [a]L ] 


A 


7Tifj,a.M 


= M 


f, a .M[^ L / [a]L ] 


A 


7T2Ha.M 


= M 


»a.M^ L / [a]L ] 


A 


{pa.M){t} 


= M 


lia.M[ [a]L{t} /[a] L ] 


A 


[fi]jj,a.M 


= p 


M[P/ a ] 


_L 


Ha[a]M 


=8 


M 


A 


[a]M 


= P 


M 


_L 



Table 2: Equalities between A^-terms 



A A (B A C) = (A A B) A C 




A A T = A 




T AA = A 




{AAB)^C = A^(B^C) 




T ^A = A 




A -> (B A C) = (A -> B) A (4 -> C) 




yl -> T = T 




Vx(A A B) = VxA A VxB 




VxT = T 




A -> VxB = \fx(A -)■ B) 


x £ A 


j4 A B = B A j4 




VxVyA = VyVxA 





Table 3: Type isomorphisms 



Proposition 1.2 (Canonical forms for formulas). If we consider formulas up to the equa- 
tions of Table{i§\ (except the last two), any formula can be written in canonical form. 



1 These equations are validated by syntactic isomorphisms, see Proposition IA. 41 page I 



GAME SEMANTICS FOR FIRST-ORDER LOGIC 



V 



R : 


:= Xt\ _L 


A : 


:= R | Q ->■ A 


Q : 


:= A | VxQ 


B : 


:= Q | B AQ 


C : 


:= B | T 



Table 4: Canonical forms for formulas 



Proof. We consider the equations of Table [3] (except the last two) as rewriting rules from 
left to right. 

We define the two functions (ft and ip from formulas to integers greater or equal to 2: 
0(T) = <f>(±) = 4>{R) = ^(T) = ^(-L) = if>(R) = 2 
4>(A A B) = 2(cf)(A) + l)<p(B) 
rp(A A B) = 2(ip(A) + l)ip(B) 

<f>(A ->B) = <j>(B)M A> > 
ip(A ->B) = iP(Bf^ 

<f>(yxA) = <p(A) 2 

Tp(VxA) = 2ij){A) 

We can easily check that for each rewriting rule A i— >■ B, (cf)(A),il>(A)) > (4>(B),il>(B)) (with 
respect to the lexicographic order). Finally, if A is a formula such that no rewriting rule 
applies to it, then A is in canonical form. □ 

Up to the (3r]fj,p6 equational theory, any closed A//-term whose type is a canonical form 
can be written as a canonical normal form which is either * or a tuple of terms of the shape: 

Af.Aa./4K(6){f))M 

where fj,[] is of the shape na[/3] except that \J3] disappears if ((b){t\)M has type _L and that 

\ia disappears if fj,[]((b){t})M has type _L (see Appendix [Aj] for a proof of this result). 

The syntactic category S c is the category in which objects are types in canonical form 
and morphisms are closed A/i-terms in canonical normal form quotiented by f3r]/j,p^. Ac- 
cording to the previous remarks, this is a category equivalent to S. 

2. A GAME MODEL OF FIRST-ORDER LOGIC 

2.1. Arenas. The notions of forest and tree will occur at different places in this work. 
Sometimes enriched with some additional structure (such as labels or pointers) and some- 
times not. Here we consider forests and trees as finite objects defined by mutual induction: 
• a finite list of trees is a forest, 



We will see in fact in Corollary 12. 33l that there is no quotient involved here since two different canonical 
normal forms cannot be equalized through /3rjjj,p9. 
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• a node together with a forest is a tree, the node is called a root and the roots of the trees 
of the forest are the sons of this root and the trees of the forest are the immediate sons 
of this tree. 

This definition is well founded by using the case of an empty list of trees as a forest. Notice 
that a tree is never empty while a forest could perfectly be empty. 

The root of a tree is considered as the top element of the tree, so that we can speak 
about a node above or below another in a tree/forest. The polarity of a node is the parity of 
the length of the path from a root to this node (in particular the polarity of roots is even). 

If J 7 is a forest and T is a tree, the graft of T on 7" is the tree which has the same 
root as T and with immediate sons obtained by concatenating T (on the left) to the list of 
the immediate sons of T ■ If T 1 is a forest, the graft of T on T 1 is obtained by grafting T 
on each tree of J-' (this may entail duplications of J-, and if J- comes with some additional 
structure, this structure is also duplicated). 

If Ti and 72 are two trees, the merging of 71 and T2 is the tree obtained by graft- 
ing the list of immediate sons of 71 (which is a forest) on Ti- This means that the 
two roots are identified and the two lists of immediate sons are concatenated. If T\ = 
[71, ... ,7~ p ] and Ti = [T{, ■ ■ ■ , T'] are two forests, the merging of T\ and T% is the forest 

[Ti, . . . , Ti, T2, ■ ■ ■ , T 2 9 , ■ ■ ■ , Tp, • • • , Tp] where the tree 7? is the merging of 71 and 77. 
Example 2.1. If we consider the forest T and the two trees 71 and 7i: 




The graft of T on T2 is the following tree: 




The merging of 71 and Ti is: 




We define a notion of arena adapted to the presence of first-order quantification (in the 
spirit of polymorphic arenas |Hug97| developed for second-order quantification). 

Definition 2.2 (Arena). An arena is a forest with nodes labelled with: 

• a list of first-order ^.-variables, called the first-order label of the node; 

• a list of non-constant atomic formulas (using only .AP-terms), called the atomic label of 
the node (in such a way that .4-variables appearing in an ^IP-term already appear in the 
first-order label of the node or of a node above it). 

The nodes of the forest are called moves. Concerning the polarity, we also use O for even 
and P for odd. 

If the move m is the son of the move n in the arena A, we say that n enables m (denoted 
by n \~a m). Roots are also called initial moves denoted by \~a m. 
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In this paper, we have to deal with a bunch of binding structures. For each of them we 
can use binding through names and a-renaming, de Bruijn indexes, pointers, ... We decide 
to use explicit names for first-order variables in arenas. If an ^4-variable x appears in an 
AV-teim of the atomic label of a move m and also in the first-order label of a move n above 
m (or of m itself), x has to be considered as bound in the arena. We will not explicitly deal 
with arenas up to a-conversion of these bound A- variables. However we will assume all the 
elements of the first-order labels of an arena to be different. This could require implicit 
renaming in the arena constructions. 

Example 2.3. If we represent first-order labels on the left-hand side and atomic labels on 
the right-hand side of each move, here is an arena: 



where X has arity 1, Y has arity 0, and / has arity 2. 

Remember that, in the general case, the atomic label of a move may contain more than 
one element. 

For the following examples, we name the root as ao, its sons as ai and a2 and the son 
of z.2 is named a3. 

Definition 2.4 (Arrow arena). Let A and B be two arenas, the arrow arena A — ► B is the 
graft of A on B. 

2.2. Sequences of moves. Game semantics usually deals with sequences of moves which 
are equipped with some additional structure. Due to the presence of first-order quantifica- 
tion, we will use some even richer structure. 

We first introduce pointers on sequences of moves. Two kinds of pointers are required 
in our setting. 

Definition 2.5 (Justified sequence). A justified sequence s on the arena A is a sequence 
of moves of A together with: 

• for each occurrence of a non-initial move m, we give a justification pointer (or X-pointer) 
to an earlier occurrence of move in s (that corresponds to giving an integer smaller than 
the index of m in s) which enables m in A; 

• for each occurrence of a move m with atomic label I in A, we give, for each element of 
I, at most one fi-pointer to an element of the atomic label of an earlier occurrence of 
move n of opposite polarity (this can be represented as, for each element of an integer 
corresponding to the index of n and then an integer giving the chosen element in the 
atomic label V of n). 

Example 2.6. Here is a justified sequence on the arena A of Example 12.31 





1 



1 



2 



3 



6 



(1,1) 



(4,1) 
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A-pointers are represented as plain lines and /i-pointers as dashed lines. 

The second line gives A-pointers as integers. The third line gives //-pointers as pairs of 
integers (the second index is always 1 since the length of the atomic labels of A is at most 
1, and there is at most one pair for each move for the same reason). 

We now introduce first-order instantiations on sequences of moves (independently of 
the pointer structure). An O -instantiation of a move m of an arena A, which has a first- 
order label of length n, is a list of n O-variables. A V -instantiation (which is not dual to 
O-instantiation) of a move m of an arena A, which has a first-order label of length n, is a 
list of n CP-terms. 

Definition 2.7 (Instantiated sequence). An instantiated sequence s on the arena A is a 
sequence of moves of A together with: 

• an O-instantiation for each O-move 

• a P-instantiation for each P-move 

such that all the O-variables appearing in the O-instantiations are different. 

We consider the possibility of modifying the O-variables: an O-renaming is an in- 
jection from the set of O-variables to itself. If s is an instantiated sequence and if q is 
an O-renaming, is the instantiated sequence obtained by substituting o by q(o) in any 
instantiation of s. 

More generally, an O -substitution is a function from O-variables to OP-terms. If s is 
an instantiated sequence and if i? is an O-substitution, si} is obtained by substituting o by 
$(o) in any P-instantiation of s. 

The combination of pointers and instantiations is required for interaction sequences and 
plays. 

Definition 2.8 (Interaction sequence). Let A, B and C be three arenas, an interaction 
sequence u on A, B and C is a justified sequence on {A —> B) —> C (without any /x-pointer 
between a move of A and a move of C) together with: 

• for each O-move played in C and for each P-move played in A, an O-instantiation; 

• for each P-move played in C and for each O-move played in A, a P-instantiation; 

• for each move played in B, a pair of an O-instantiation and of a P-instantiation; 

such that all the O-variables appearing in the O-instantiations are different. This turns u 
into an instantiated sequence on A — > (B — > C) by forgetting: pointers, O-instantiations 
for O-moves played in B and P-instantiations for P-moves played in B. 

The set of all interaction sequences on A, B and C is noted int(^4, B, C). 

An instantiated justified sequence s on an arena A generates substitutions of the A- 
variables appearing in the first-order labels of A by the OP-terms appearing in the instanti- 
ations. Let m be an occurrence of move in s with instantiation [t±, . . . , t&] and let [x±, . . . , x^\ 
be the first-order label of m in A, we define the substitution 6 m as {x\ i— >■ t±, . . . , Xk *— > t^} 
if m is an initial move, and 9 n U {x\ t-t t±, . . . ,Xk i-> £&} where n is the occurrence of move 
justifying m in s otherwise. 

Definition 2.9 (Play). A play on the arena A is an instantiated justified sequence on A 
such that: 

• polarities of moves are alternating; 

• there are no /x-pointers from Opponent moves; 
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• there is exactly one /i-pointer for each element of the atomic label of each Player move; 

• for each /i-pointer going from a formula Xt\ . . . labelling (in A) an occurrence of move 
m to a formula Yu\ . . . u p labelling (in A) an occurrence of move n, we have X = Y, k = p, 
t\6 m = u\8 D , ifc# m = iifc# n ; 

• all the ©-variables appearing in a P-instantiation have appeared in a previous O-instantiation. 

The set of all plays on A is noted Va- The set of even length plays on A is noted V p . The 
prefix order on plays is noted < and we use the notation s < p t (s is P-prefix of t) for 
s < t A s € V P A . 

We can summarize the structure put on moves of a play: 

• an Opponent move is equipped with a justification pointer and with an O-instantiation; 

• a Player move is equipped with a justification pointer, with a list of /U-pointers and with 
a "P-instantiation. 

O-variables are introduced by Opponent and then used by Player. 

Example 2.10. On the arena: 




X{fz) 



if we name the root as bo, then we name the moves along the first branch t>i and b2 and 
along the second branch b3, b4 and bs, we have the following play (above the line): 




b 

M \ [01] [fo ,t] [/oi,o ] 



x i y oq 



X I ^ Oq 

y^foo 



x i-4 oi 



X i-4 0\ 

2/!-4/oi 

ZI4 0Q 



x i y o\ 

y-4/01 

Z 1-4 Oq 



X(fo ) X(foo) X(/oi) Xtfox) X(foo) 

For each occurrence of move m with a non-empty atomic label [R] (there is no atomic label of 
greater length in the considered arena), we have indicated (below the line) the corresponding 
substitution 6* m and the associated formula R9 m . 

It is thus easy to check that /i-pointers validate the condition on atomic labels given 
in the definition of play. The formula R6 m gives some dynamic content of the move which 
depends on the position in the play (thus in a proof on the syntactic side). A comment on 
the logical meaning of this is given in the beginning of Section [6l 

We define various notions of projections of sequences of moves. 

If s is an instantiated justified sequence on A — > B, s \a (resp. s \b) is the subsequence 
(with some pointers and some instantiations) of s containing the moves belonging to A 
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(resp. B), with their justification pointers (except for initial moves of A which do not have 
justification pointers anymore), with their //-pointers going to moves in A (resp. B) (the 
others disappear), and with their instantiations. It is an instantiated justified sequence. 

If u is an interaction sequence on A, B and C, we define the following sequences (with 
some pointers and some instantiations): 

• u I^-kB is the subsequence of u containing moves in A and moves in B with their pointers 
(if they arrive to a move in A or B and are not //-pointers starting from a Player move of 
B in u) and with their instantiation for moves in A, and their ©-instantiation for P-moves 
in u played in B and their P-instantiation for O- moves in u played in B. 

• u \b^c is the subsequence of u containing moves in B and moves in C with their pointers 
(if they arrive to a move in B or C and are not /i-pointers starting from an Opponent 
move of B in u) and with their instantiation for moves in C, their ©-instantiation for 
O-moves in u played in B and their V- instantiation for P- moves in u played in B. 

• u \a^c is the subsequence of u containing moves in A and moves in C with their justifi- 
cation pointer if it arrives to a move in A or C. 

For any initial move m in A, whose justifier must be an initial move m' in B itself 
justified by an initial move m" in C, we put m" as justifier of m. 

The //-pointers of this justified sequence are given by: we put a //-pointer from the 
formula R associated with the occurrence of move m to the formula S associated with the 
occurrence of move n, if there exists a sequence of //-pointers p± , . . . , p n {n > 0) in u such 
that: 

— the source of p\ is R associated with the occurrence of move m 

— the target of p n is S associated with the occurrence of move n 

— the source of pi is the target of pi-\ (2 < i < n) 

— the target of pi is in B (1 < i < n — 1) 

This means that we find a path of //-pointers from R to S going only through labels of 
moves in B (if the path contains only one edge, it has not to go through B). 

Since with any move of u in B are associated both an ©-instantiation and a V- 
instantiation (of the same length), we can define an ©-substitution •&: the ©-variable 
x is substituted by t if x appears in A:th position in the ©-instantiation of an occurrence 
of move m of u in B and t is the A:th element of the 'P-instantiation of m. The instantiations 
in u \a->C are obtained from the instantiations in u by applying i9. 
The objective of these projections of interaction sequences is to extract candidate plays for 
A — >■ B, B — > C and A — > C, as given in the definition of the composition of strategies 
below. 

Definition 2.11 (Strategy). A strategy a on the arena A, denoted a : A, is a non-empty 
set of even length plays which is closed under even length prefixes, and: 

• deterministic: if sm £ a and sn G a then sm = sn; 

• uniform: if s G a and q is an ©-renaming then s^Gcr. 

A particular kind of strategy playing //-pointers and instantiations in a very constrained 
way is useful. A play is \x-rigid if: 

• the atomic label of a Player move always has the same length as the atomic label of the 
previous move, 

• a /x-pointer is always going to the corresponding element of the atomic label of the previous 
move, 
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• the instantiation of a Player move is always the same as the instantiation of the previous 
move. 

A strategy is fi-rigid if all its plays are. 

In order to define a category, we consider the following identities and composition. 
If A is an arena, the identity id.A on A — > A is given by: 

id4 = {s G Va 1 -^a 2 I Vt ^ P M Ui = t U 2 

A //-pointers are going to the corresponding element of the previous move} 

It contains only /i-rigid plays. 

If a : A — > B and r : B — > C are two strategies, the composition of a and r is given on 
A -> C by: 

<T ; r = {u U->C G Va^c I u G int(A, B, C) A u U->B G a A u f B ^ c G r} 

These two constructions give rise to strategies and we obtain a category of arenas and 
strategies (see Appendix iBj) . 

2.3. Innocence. In order to restrict the set of strategies to those corresponding to proofs 
in first-order logic, we introduce the notions of view and innocence. 

Definition 2.12 (View). A view on the arena A is a play s on A such that: 

• Opponent moves in s are all A-justified by the preceding move; 

• the list of O- variables played by Opponent (obtained by concatenating the ©-instantiations 
in s according to the order in which they appear in s) is a prefix of the enumeration (oj)jg^. 

The condition on O-variables is related with the notion of skeleton in [Pel85j . 

If s is an instantiated justified sequence, the pre-view r s n of s is defined by: r e~ l = e, 
r sm n = r s~'m if m is a Player move, r sm~ l = m if m is an initial Opponent move, r smtn~ l = r sm~' n 
if n is an Opponent move justified by m. 

The view r s n of s is obtained from its pre-view by applying the O-renaming required 
to respect the naming condition of views. If [xo, xi, . . . , x n ] is the list of O-variables played 
by Opponent in r s n (obtained by concatenating the O-instantiations in r s n according to 
the order in which they appear), we consider an C-renaming ? satisfying ?(xj) = Oj for 
< i < n (we call it a canonical renaming induced by r s~ l ) and we define r s n = r s~ l £ (the 
value of q outside {xo, • • • , x n } has no impact). 

If s is a play then r s n is a view and if s is a view then r s n = s. 

We choose the presentation of innocent strategies based on their underlying view func- 
tions. 

Definition 2.13 (View function). A view function on the arena A is a non-empty set of 
even length views on A which is closed under even length prefixes and deterministic: if 
sm G a and sn G a then sm = sn. 

Note that a view function is not a strategy since it violates the uniformity condition. 
Let a be a view function on A, its view closure VC(cj) is given by e G VC(cr), and if 
s G VC(cj), smn G Va and r smn~ l G a then smn G VC(cr). 

Lemma 2.14 (View closure). If a is a view function then VC(cr) is a strategy. 
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Proof. By definition, VC(er) is a non-empty P-prefix closed set of even-length plays. If 
sm G VC(cr) and sn G VC(cr) then r sm~ l = r s~ l mo G a and r sn n = r s n no G a (where mo and 
no are obtained from m and n by applying a canonical O-renaming induced by r s n ) thus 
r sm n = r sn n by determinism of a and finally sm = sn. 

By induction on the length of s, we can show that s G VC(cr) implies s? G VC(cr) for any 
O-renaming This is an easy consequence of r s n = r s? n . □ 

Composition of view functions is given by: a ; r = { r s n | s G VC(ct) ; VC(r)}, and the 
identity view function is r id n . 

An innocent strategy is a strategy obtained as the view closure of a view function. We 
will now consider only innocent strategies and just say "strategy" . Moreover we will mainly 
say "strategy" for the underlying view function. 

Proposition 2.15 (Category of innocent games). Arenas and view functions give a category 

g. 

Proof. All the technical results on strategies corresponding to the categorical structure are 
developed in Appendix [B] □ 



2.4. Constructions. The notion of arrow arena was already required to define morphisms 
between arenas. We now turn to other constructions on arenas and strategies to describe 
the richer structure of the category of games: a control category [SclOl]. We first start with 
the propositional constructions. 

Arena constructions. Let A and B be two arenas: 

Empty: The empty arena T is the empty forest. 

Unit: The unit arena _L is the forest with only one tree with only one node * (empty 
labels). 

Atom: If R is a non-constant atomic formula, the corresponding atomic arena R is 
the unit arena with [R] as atomic label for its unique node (empty first-order label) . 

Sum: The sum A + B of A and B is the concatenation of A and B. 

Product: The product A x B of A and B is the merging of A and B. The labels of 
roots are obtained by concatenation from the labels of the corresponding roots in 
A and B (the first-order labels of A and B are supposed to be disjoint). A move in 
A x B is represented as a pair of moves (m, n) of A and B such that at least one is 
initial. 

Example 2.16. Starting from the arena A of Example 12.31 the product A x A (where we 
put "primes" on the second copy) is the arena: 




with root named (ao,a ), its sons named (a 1; a ), (a 2 ,a' ), (ao^) and (ao^J,), the son of 
(a2,a ) is (a3,a ) and the son of (ao^) is (ao,ag). 
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Strategy constructions. 

Definition 2.17 (Linear strategy). Let a be a view function on A —¥ B, a is linear if: 

• for each initial move m in B, there is a play mn in a with n in A 

• for each view mns in a, n is the unique move in A justified by m 

Let a : A —> C and r : B —> D be two view functions: 

Sum: The view function a + r is obtained by the union of the view functions. Its view 
closure is {s G ^a+b^c+d I s \a-*C G VC(cr) A s \b^d G VC(r)}. If both a and r 
are linear then a + r is linear. 

Product: Assume a : A — >■ C is linear. For each initial move Co in C, there is a unique 
move ao in A such that coao belongs to a. A view s in AxB—^CxD respects a if, 
for (co ,do) its initial move, any move (a,b) in s with a initial satisfies a = ao (with 
coao G a and ao justified by Co) and any move (c,d) in s with c initial satisfies 
c = co- If s respects a, s\ T is obtained by replacing any move (ao,b) by b and 
any move (co,d) by d (with the appropriate pointers and instantiations) and by 
removing the other moves. If s respects a, we consider so obtained by replacing any 
move (a, bo) with a non initial in A and bo initial in B by a and any move (c,do) 
with c non initial in C and do initial in D by c (with the appropriate pointers and 
instantiations). We define e\ a = e and, if s is not empty, s| CT is coaoso in which ao is 
justified by co and the moves of sq enabled by ao in A are justified by ao. We define 
o" x r = {s € 'PaxB^CxD I ^* — P s ) t is a view respecting a A t\ a G a A t\ T G r}. 

If r is linear (but a is not) we can proceed in a symmetric way for defining a x r. 
If both a and r are linear, the two definitions coincide and a x r is linear. 

Projections: The linear view function r idA n : A — >■ A is also a linear view function 
on A + 5 -> ^4 and onB + A-^A 

Diagonal: We can consider moves in A -> B as moves in A — >■ S + by identifying 
the original B with either the left one or the right one. In this way we can see r id^ n 
as a set of plays id^ in A — >■ A + A by considering the left embedding and also as 
a set of plays id^ in A — > A + A by considering the right embedding. The linear 
view function on A — > A + A is the union of id^ and id^. 

Weakening: The linear view function wkyi on A — > A is {e} U {m* | m initial in A} 
(this means that m comes with the unique possible O-instantiation leading to a view 
and that * is justified by m). 

Contraction: We consider a play s in A x A — > A (we add indexes: A\ x A2 — > Ao 
to make things clearer). An occurrence of move in Ao is called a left move if the 
previous move in A\ x A2 was in A\ (and the same with "right move" and A2) . If only 
moves from Ao were played before, we consider it both as a left move and as a right 
move. We define as the subsequence of s containing m: if (m, n) is an occurrence 
of move in A\ x A2 with n initial in A2, or if m is a left move in Ao- s r is given in a 
symmetric way. and s r can be seen as sequences of moves in A — > A. The linear 
view function ctr^ on A x A — > A is {s G T^axA-^A I s y i ew A s l G id-A A s r G idyi}. 
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Example 2.18. The definition of product gives the following kind of view in a x r: 



Ax B -> C x D 




(ci,d ) 



where a : A — > C is linear and contains the view: 

A -> C 



and t : B ^ D contains the view: 
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Example 2.19. The (quite complicated) definition of contraction gives the following (sim- 
ple) views: 



where A is the arena of Example 12.31 and A x A is described in Example 12.161 

Theorem 2.20 (Control category of games). The category Q of arenas and view functions 
is a control category. 

In this control category, central morphisms are linear strategies. 

Proof. All the technical results on strategies corresponding to the control category structure 
are developed in Appendix [Bj □ 

Definition 2.21 (Total strategy). A strategy a : A is total if whenever s £ a and sm £ Va, 
there exists some smn in a. 

A total strategy is maximal for inclusion: if a is total and <jCt then a = r. 

Definition 2.22 (Finite strategy). The size of a strategy is the sum of the lengths of its 
views. A strategy is finite if its size is finite. 

The identity strategy is total and finite, and total and finite strategies compose (see 
Appendix [B]). This allows us to define the sub-category Q xt of Q containing only total finite 
strategies, which is also a control category (easy to check). 

We now turn to the constructions corresponding to quantification. 

First-order constructions. Concerning arenas, if A is an arena, x is a "P-variable and y is a 
fresh ^4-variable, the quantification \/yA[ y / x ] is obtained by renaming x into y in A and then 
by pushing y on the first-order label of each root. We will sometimes use the notation \/xA 
for this arena (since the particular choice of the name y is not important, see the discussion 
on bound variables in Section [2.ip . 

Example 2.23. The arena of Example 12.31 is the interpretation of the formula MxiyiY — > 



Ax A 



A 




(a 3 ,a£)) [o 2 ] 




(VzX(fyz) — > _L) — »■ Y). 
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Let a : A — > B be a view function (with a V- variable x £ A), Mx.a is the view function 
on A -> VyB[ y / x ] given by: Vx.cr = {e} U {(m[a;]s)[ 0l + 1 /oJ [°%] | ms G a} where m[x] is 
obtained from m by pushing x on its instantiation. If a is linear then \/x.a is still linear. 

Let A be an arena, the linear view function inst^ on MxA — > A^/x] is given by: 
instt = {s € Vy xA _^ A n/] I s view A Vt < p s,t \y x A[t] = t wnere is obtained 

from t by pushing t on the instantiation of its initial move. 

2.5. Interpretation of the A/i-calculus. A typing derivation ending with a judgment 
r h M : j4 | A is interpreted as a strategy [M] on^r^ix[]A. Using Theorem 12.201 
there is a canonical way of interpreting the usual propositional constructions of the A/i- 
calculus in our model (following [SelOl]). Moreover this ensures the validation of those of 
the /3r][ip0 equalities which are not dealing with first-order constructs. 

For the interpretation of the (V-introduction) rule, we transform a into Vx.cr (since the 
arenas ^fx(A x B) and (Vx^4) x B are isomorphic if x £ B). For the interpretation of the 
(V-elimination) rule, we transform a into a ; inst^. 

Lemma 2.24 (First-order correctness). The following equalities are valid through the in- 
terpretation in games: 

(Ax.M){t} = M[y x ] :A 
Ax.M{x} = v M : VxA x £ M 

(fxa.M){t} /ia.M[WM*}/ [a]r ] : A 

Proof. 

• (Ax.M){t}: The view function interpreting this term is Vx.o" ; (instt x id^) which is 
{s[*/x] | s S cr}. One easily checks it is also the interpretation of M^/ x ]. 

• Ax.M{x}: An immediate computation shows the interpretation of this term to be the 
same as the interpretation of M. 

• (fia.M){t}: this case is a consequence of the centrality of the morphism inst^ in the 
control category of games (see |dL07l Chapter 7] for example). □ 

We denote by Q\ (resp. £/* f ) the full sub-category of Q (resp. G tf ) containing only arenas 
with at most one element in the atomic labels of moves (called 1-arenas). According to 
the previous interpretation of typing derivations, these categories are expressive enough to 
interpret the closed terms of our A/x-calculu^l and we will mainly focus on them in the 
sequel. 

Example 2.25. The interpretation of the closed term \a.a{t} of type \/xXx — > Xt is the 
view function containing the empty view and the view: 

MxXx -> Xt 




The interpretation of the closed term: 

\f.(f{x})Ay.\d.iJ,a.(f{y})Az.\a.iJ>5[a]a 



These two categories are not control categories, since the product of two 1-arenas is not a 1-arena in 
general. The existence of surrounding control categories would allow us to extend the A/i-calculus with a 
disjunction connective in types. We prefer not to do it since the calculus would become even more complex. 
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of type \/x(\/y{Xx — > Xy) — > _L) — » _L is the view function containing the following unique 
maximal view: 



In order to prove the completeness of the model, instead of working by induction on 
the size of strategies and of building incrementally the corresponding term, we will use a 
more geometric and global approach through A//-forests (an intermediate notion between 
terms and strategies in the spirit of Bohm trees — a similar approach is used in [Her 97]). 
Let us start with the simple case of formulas and arenas. A formula in canonical form 



Ai<i<„V^(4 > A{.^ Ft) can be rewritten into Ai<i<„[^, 3(4. • • • , 4,)- % 



arena associated with the original formula. This shows in particular that nodes in the arena 
are in bijection with occurrences of atomic formulas in a canonical form. 

Example 2.26. The formula given in Example 12.231 and interpreted by the arena of Ex- 
ample [2J3] would be represented as [Y, x, y]([Y], [A.]([X(fyz), z])). 

We now develop the same kind of correspondence at the level of terms, A//-forests and 



Definition 2.27 (A//-forest). A Xfi-forest is a forest with two additional disjoint finite sets 
of edges — A-edges (labelled with a natural number) and //-edges — and with a list of CP- 
terms associated to each node and A- or //-variables associated to some nodes, satisfying: 

• The nodes of even polarity have exactly one son. 

• The source of an edge is always a node of odd polarity and the target is always of even 
polarity. Moreover the target is above the source. 

• A node cannot be the source of two different A-edges or of two different //-edges. 

• If a node of odd polarity is not the source of a A-edge, it is labelled with a A-variable. If 
a node of odd polarity is not the source of a //-edge, it may be labelled with a //-variable. 

• The list of terms associated with a node of even polarity is a list of O- variables. 

• An O- variable appearing in an CP-term of the list associated with a node of odd polarity 
must appear above in the list associated with a node of even polarity. 

• The list of (D-variables appearing along a branch (obtained by concatenating the lists 
associated with the nodes of even polarity in the branch according to the order in which 
they appear) is a prefix of the enumeration (oj)j g N. 

If there is no node labelled with a A- or //-variable, the A//-forest is closed. 

With any A//-term in canonical normal form is naturally associated a A//- forest: 

• with * is associated the empty forest 



Vx ( Vy ( Xx — > 



Xy ) -> 1 ) -> 1 





strategies. 
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• with a tuple of A^-terms is associated the forest whose trees correspond to each A/i-term 

• with a A//-term Ax.\a.fj,a[(3](b{t})M is associated the following tree: we first consider the 

tree with a root r which has one son n whose sons are the trees corresponding to the Ms 
then 

— we put the labels b and j3 on n 

— we apply the substitution [° i + fe /„. | i G N] (with x = x\ . . . x^j 

— we associate the list [x] with r and the list [ij with n 

— we apply the substitution [°°/ Xl , ■ ■ ■ ,° k ~ 1 / x k \ 

— for each node labelled with the A- variable aj (a = a\ . . . ajt), we remove the label and 
we put a A-edge with target r and label i 

— for each node labelled with the /^-variable a, we remove the label and we put a //-edge 
with target r 

If the A/A-term is closed then the associated A/i-forest is closed. 

Example 2.28. We represent A-edges by plain edges and //-edges by dashed edges in Af- 
forests. 



\a.fi5.a 



Xf.fia.(f)Xd.[a]a 



A/.Aa.A6./i 7 [ 7 ]((/)/i/3[/3]6)fa[a]a 



i 

O / 

/ 

a V 




Xa.Xf '.(/ {t}) /j,a[a]a{ht} 
2/ 

1 




Xf.(f{x})Ay.Xd./j,a.(f{y})Az.Xa.iJ,S[a]a 
1/ 




All these A^-forests, except the second one, are closed. 



By translating A/i-terms as A/i-forests, there is a loss of information. For example Xa.a 
and Xa.Xb.a are both translated as: 



We have to use types to recover the missing information. A A/i-forest is typed if a formula 
in —^-canonical form (see page [5]) is associated with each node in such a way that: 

• if the node n (with formula ^4) is source of a A-edge with label i and target r (with formula 
B and list of terms o), then B = W(B X ->■ > B k ->• S) with A = Bif/g}; 

• if the node n (with formula A and list of terms i) is source of a /i-edge with target 
r (with formula B and list of terms o), then A = Vx(yli — >• •••—>• A k — >■ R) and 
B = V^(Bi -> • • • -> B p 5) with i?[V^] = Sf/^i 

• if the node n of odd polarity has formula A = \/x(A\ —> R) then R = _L if 
and only if n is neither the source of a //-edge nor labelled with a /x-variable; 
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• if the node r of even polarity (with formula A) is the ith son of the node n (with formula 
B and list of terms i), then B = Mx(Bi > Bk ->• S) with A = Bif / 

The type of the A/i-forest is the conjunction of the types of its roots. 

We can extend the translation from A/i-terms to A/i-forests with types: when translating 
Ax.Xa.fia[(3](b{t\)M of type A with b of type B, we associate A with r and B with n. 

Example 2.29. The A/i-forests of Example 12.281 can be turned into typed A/i-forests with 
the following respective types: 

± -> X 
((X _L) _L) -> X 

(y^x^z)^x^y^z 

VxXx -»• (Vx(X(/ix) -> _L)) ->■ _L 
Vx(Vy(Xx -> Xy) -> J_) -> JL 

Starting from a typed A/i-forest, we can build a unique typed A/i-term. We decompose 
the A/i-forest into A/i-trees, we compute the corresponding A/i-terms and the A/i-term as- 
sociated with the A/i-forest is the induced tuple. Concerning a A/i-tree T, if the root r has 
formula A = \/x{A\ A^ —> R) , we introduce k fresh A- variables a%, . . . , a^, and 

a fresh //-variable a. To any node which is source of a A-edge with index i and target r, 
we add the label a^. To any node which is source of a /i-edge with target r, we add the 
label a. Let n be the son of r and let b and (3 be the labels obtained for it. Let M be 
the A/t-terms inductively associated with the sub-trees under n. The A/t-term associated 
with T is h.y\a\ . . . \ak^a[j3\{b{t\)M where y are the terms labelling r and t are the terms 
labelling n. 

With any total finite view function on the arena associated with a type A is associated 
a closed A/i-forest: we consider views ordered with the prefix ordering (so that moves 
in the views give nodes in the forest), we remove the A-pointers of O-moves, the other 
pointers give the (A and /t) edges of the A/i-forest, the instantiations give the lists of terms. 
Concerning the labels of A-edges, if the node n corresponds to the move m corresponding 
itself to the occurrence R of an atomic formula in A and if R appears in a sub-formula 
\/x{B\ — > ■ ■ ■ — > Bk — > S) of A as the final atom of B{ then the A-edge with source n has 
label i. 

With any node of a closed typed A/i-forest of type A, we can associate a move of the 
arena associated with A: 

• if r is the ith. root of the A/i-forest, the corresponding move is the ith root of the arena; 

• if the node n of even polarity has a A-edge with label i to a node with associated move m, 
the move associated with n is the ith son of m in the arena; 

• if the node r of odd polarity is the ith son of the node n with associated move m, the 
move associated with r is the ith son of m in the arena. 

In this way, we can associate a view with any branch of a closed typed A/i-forest. Nodes 
of even polarity become Opponent moves. Nodes of odd polarity become Player moves. 
A-edges give the justification pointers, /i-edges give the /i-pointers. Lists of CP-terms give 
instantiations. Finally we add justification pointers going from each Opponent move to the 
preceding one. 



22 



OLIVIER LAURENT 



Definition 2.30 (Arena isomorphism). An arena isomorphism f from A to B is a bijection 
between the nodes of A and the nodes of B which respects the order, but also the atomic 
labels up to the first-order labels: the move m and the move /(m) must have first-order labels 
of the same length, this induces a mapping of the elements of the first-order label of m to 
the elements of the first-order label of /(m); using this mapping, the atomic label of any 
node n must be mapped to the atomic label of /(n). 

Lemma 2.31 (Isomorphic arenas). If there exists an arena isomorphism between two are- 
nas, they are isomorphic in the category Q. 

Proof. The arena isomorphism / induces a strategy {s E T^a^b I s /-frigid A Vt < p 
s,/(t \a) = t \b} which is an isomorphism in Q (see |Lau05a[ Proposition 6]). □ 

Theorem 2.32 (Equivalence completeness). The game model is equivalence complete: the 
categories S and are equivalent. 

Proof. We have already seen in Section 11.31 that S c is equivalent to S. We want to show 
that the interpretation functor from S c to Q* f defines an equivalence of categories. We 
have established translations from typed A/U-terms in canonical normal form to typed Af- 
forests (and back) and from typed A^-forests to view functions on the corresponding arena 
(and back). One can check that all these correspondences are one-to-one. Moreover the 
view function associated with a given typed A/x-term in canonical normal form by these 
correspondences is the same as the one obtained through the interpretation given in the 
beginning of this section (and coming from the control category structure of Q xi ). This 
shows the interpretation functor to be full and faithful. 

Finally, any arena is isomorphic to the interpretation of a type in canonical form: by 
Lemma l2.31l it is enough to prove that any arena is arena isomorphic to the interpretation 
of a type in canonical form. This is done by induction on the number of nodes of the 
arena. □ 

Corollary 2.33 (Canonical forms are canonical). Two canonical normal forms equal up to 
(3rjfj,p8 are equal. 

Proof. If M and N are two canonical forms such that M c^^^^pQ N then [M] = \N\ thus 
M = N by faithful completeness. □ 

The concrete meaning of Theorem 12.321 is mainly that any total finite strategy on a 
1-arena is the interpretation of a unique closed A//-term in canonical normal form. 
This ends the description of our game model. 

3. Related models 

From the game model of first-order classical logic (and the associated completeness re- 
sult) described in the previous section, we will define complete models for different systems. 
Some of these derived models are strongly related with (or even equal to) already known 
ones. 
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3.1. Intuitionistic restriction. Inside the category Qi, particular strategies (let us call 
them X-strategies) are obtained by asking //-pointers to always have the preceding move as 
target (/i-rigid strategies are a particular kind of A-strategies). Through the completeness 
results above (Theorem I2.32p . they correspond to A/i-terms in which the /i and [_] construc- 
tions are always used together in the shape //a [a]. By 9 equivalence, such a A/i-term is equal 
to a A-term (all the fj,a[a] can be erased). As a consequence, A-strategies provide an equiv- 
alence complete model of the Church style first-order A-calculus and, thus, of first-order 
intuitionistic logic. 

3.2. A-calculus over one/many atom(s). We consider the simply typed A-calculus over 
one atom. We interpret this atom exactly as _L. In this case there are no labels on the arenas 
associated with types (neither atomic formulas, nor first-order variables). Such arenas are 
called ground arenas and the full sub-category Qqq of Q is given by the restriction to ground 
arenas. Qqq is exactly the category of games presented in [DHR96] since plays are using 
neither instantiations nor //-pointers. As shown in [DHR96| . it is a fully complete (and even 
equivalence complete) game model of the simply typed A-calculus over one atom. 

To take into account multiple atoms, we go back to arenas with atomic labels on nodes. 
By considering atoms as 0-ary relation symbols, types are interpreted as arenas with an 
atomic label of length 1 associated with each node. Simply typed A-terms are interpreted 
as A-strategies (introduced just above) and /i-pointers are replaced by the condition that 
the (unique element of the) atomic label of a Player move is always the same as the atomic 
label of the previous move (exactly in the spirit of token-reflecting strategies of [MurOlt 
page 122]). This extends the model of [DHR96 to an equivalence complete model of the 
general simply typed A-calculus. 

Equivalently this gives a complete game model for IT 1 formulas. Indeed we can distin- 
guish three levels in full completeness results for logics with propositional atomic formulas 
and second-order quantification: 

(1) only constant atomic formulas (or just one atomic formula since it can be identified 
with _L) thus no quantification; 

(2) many atomic formulas but no quantification (or equivalently IT 1 formulas since outer- 
most universal quantification has no impact), this is the level corresponding to propo- 
sitional logic; 

(3) general quantification over propositional variables (this is much more difficult and will 
not be addressed here, see Section [6] for future work and references). 

3.3. Well bracketed HO/N games (propositional logic). In the original works on 
HO/N games [HO00[ INic94j . nodes in arenas had an additional labelling with Q/A labels 
corresponding to a notion of questions and answers. We are going to compare the informa- 
tion encoded with questions and answers and the one given through /j-pointers. 

In this section we consider games (arenas and strategies) without first-order information. 
In order to avoid confusion with strategies as given in [HO00], (innocent) strategies as used 
in the previous sections will be called ^-strategies here. 

Definition 3.1 (QA-arena). A QA-arena is an arena (without any first-order label) such 
that if a node has a non-empty atomic label on it, then this label is a singleton and the 
node is a leaf and is not a root. 

Labelled nodes are called answers and the others are called questions. 
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Definition 3.2 (Label-rigid strategy). A play s on a QA-arena is rigid if for any P-prefix 
tmn of s, m is an answer if and only if n is. It is label-rigid if moreover the labels of m and 
n are the same. 

A strategy on a QA-arena is rigid (resp. label-rigid) if all its plays are rigid (resp. label- 
rigid). 

The notion of rigidity corresponds to having both forward rigidity and backward rigidity 
as defined in [HL06J. In the case (as here) where answers are leaves and are not roots, 
forward rigidity is then the same thing as the notion of rigidity introduced in [DH01 . 
Label-rigidity is strongly related with token-reflection in jMurOH page 122]. 

QA-arenas and label-rigid strategies define a control category |Lau05bj and thus a model 
of the A/i-calculus (with or without totality). Let us call it the QA-game model. 

A rigid view of even length contains either only questions or its only answers are its 
last two moves (conversely a view satisfying one of these properties is rigid). 

Definition 3.3 (Well bracketed strategy). A view s on a QA-arena is well bracketed if any 
Player answer of s is justified by the last Opponent question. A strategy on a QA-arena is 
well bracketed if all its views are well bracketed. 

For a rigid view, being well bracketed means either containing only questions or being 
of the shape sqiqjai^- 

Definition 3.4 (Folding and unfolding of arenas). Let A be an arena, the unfolding of A 
is the QA-arena A obtained in the following way: to any node m of A having atomic label 
[Xi, . . . ,X n ], we add n new sons (denoted mx t and labelled with Xj, 1 < i < n) and we 
erase the atomic label of m. 

Let A be a QA-arena, the folding of A is the arena A obtained in the following way: we 
remove all the answers of A and for each of them we put its label in the atomic label of its 
father. 

Example 3.5. The arena corresponding to the type X and its unfolding (a QA-arena with 
answers represented as squares), which is the interpretation of X in the QA-model, are: 

I 

* X 

The interpretation of _L is the same in the two models and is its own folding/unfolding. 

Definition 3.6 (Folding and unfolding of strategies). Let A be an arena and s be a view 
on A, the unfolding s of s is the set of views given by e = {e} and srnn = {somn} U 
{somnnxn'x | X in the atomic label of n} where sq is s without its //-pointers, the //-pointer 
of srnn starting from the element X of the atomic label of n goes to the element X of the 
atomic label of the occurrence of move n', and n'x points to this occurrence of n'. The 
unfolding a of a //-strategy a (in fact of its view function) on A is the union of the unfoldings 
of its views. 

Let A be a QA-arena, a be a total label-rigid strategy on A and s be a view in a ending 
with a question (more precisely, not ending with an answer), the folding s of s is the view 
on A given by e = e and srnn = srnn where the //-pointers of n are obtained in the following 
way: for each atomic label X of n in A, there is exactly one corresponding answer in A, 
we consider the only play of the shape sinnxiij (for some n' x which is an answer pointing 
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to some n') in a and we put a //-pointer from the label X of n to the label X of n'. The 
folding of a is the set of the foldings of its question-ending views. 



Example 3.7. The arena corresponding to the type {{{X — > Y) 
unfolding are: 



X) -4 X) and its 



X 
X 
Y 

i x 



The following view with its prefixes of even length define a //-strategy on the starting arena: 

( ( X -4 Y ) -4 X ) -4 X 



The maximal views of its unfolding are: 

( ( x -> y 



Lemma 3.8. If a is a /i-strategy and s and t are two plays in a which differ only on their 
fi-pointers then s = t. 



Proof. By induction on the common length of s and t, or by Lemma lB.ll 



□ 
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Lemma 3.9. If s £ a does not end with an answer, there exists a unique play t in a such 
that s € t. Moreover s is obtained from t by removing its ^-pointers. 

Proof. The existence of t is given by definition of a and t is such that removing its //- 
pointers gives s. If there exist two plays satisfying the required constraints, they must 
differ only on their //-pointers (since forgetting them leads to s in both cases), thus they 
are equal by Lemma [3781 □ 

Theorem 3.10 (Completeness of unfolding). Let A be an arena, a i— > a and r i— > r define 
a bijection pair between total fi-strategies on A and total label-rigid strategies on A. 

Proof. We are going to prove the following statements: 

(1) If a is a //-strategy on A then a is a label-rigid strategy on A (and if a is total then 
so is a). 

(2) If r is a total label-rigid strategy on A then r is a total //-strategy on A. 

(3) (A) = A and (A) = A. 

(4) If a and r are total, (<r) = a and (r) = r. 
First statement: 

• If smn £ a, by construction, either m is a question and so is n or m is an answer and n is 
also an answer and has the same label. As a consequence, smn is label-rigid. 

• a contains e, contains only views and is P-prefix closed by definition. 

• If smn £ a and smn' £ a, we first consider the case where m is a question (then both n and 
n' are questions). By Lemma 13.91 there exist two plays tmn and t'mn' in a such that smn 
(resp. smn') is obtained from tmn (resp. t'mn') by removing its //-pointers. By Lemma [3 .81 
we know that t = t' so that, by determinism of a, tmn = t'mn' and thus smn = smn'. 

In the case where m is an answer (then both n and n' are answers and these three moves 
have the same label), then smn and smn' belongs to some t and t' that can only differ 
on their //-pointers thus, by Lemma 13.81 t = t'. As a consequence n and n' are the same 
move (the unique answer of A corresponding to the label X of the //-justifier of the label 
X of the last move of s) and have the same justifier (this //-justifier of the last move of 

s). 

• We now look at totality. If s £ a and sm is a view on A then s contains only questions 
and, by Lemma 13.9} we can find a play t in a such that s is obtained from t by removing 
its //-pointers. First, if m is a question, by totality of a, there exists tmn in a and thus 
smn (obtained from it by removing the //-pointers) is in a. Second, if m is an answer, by 
definition of t, there exists some n such that smn £ t C a. 

Second statement: 

• We first check that s £ r is a well defined play. There is exactly one //-pointer for 
each formula of each Player move: each such occurrence leads to an answer in A thus 
corresponds to an Opponent move which has been played in some play of r by totality. 

• Then, by definition, r is a non-empty P-prefix closed set of even length views. 

• If smn £ t and smn' £ r, then n = n' and they have the same justification pointer by 
determinism of r. Finally their //-pointers are the same since they are computed in the 
same way, thus smn = smn'. 

• t is total by immediate application of the totality of r. 
Third statement: 
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• The moves of (A) are the moves of A and their atomic labels are obtained by moving 
them on a new leaf and then moving them back to their father so that (A) = A. 

• The questions of (A) are the moves of A which are the questions of A. The answers of 

(A) corresponds to labels of moves of A which corresponds to answers of A thus (A) = A. 

Fourth statement: for the two equalities, we consider total strategies and this allows us to 
prove only one inclusion in each case since totality entails maximality. 

• We consider a play in (a), and we prove by induction on its length that it belongs to 
a. If it is e then it belongs to a. Otherwise it is of the shape smn with smn £ a and 
n is a question in A. By Lemma 13.91 this entails that we can find a play t £ a such 
that smn £ t, and smn is obtained from t by removing all the //-pointers, s is a P-prefix 
of smn thus s £ id) and, by induction hypothesis, s £ a. The only possible difference 
between t and smn is about the //-pointers of n, but these //-pointers are built from the 
elements of t so that they are exactly the same as the corresponding /i-pointers in t. 
Finally smn = t £ a. 

• We prove, by induction on the length of t, that if t £ r then t C r. First, e C r. 
Otherwise we have t = t'mn. Let tonxn'x be an element of t, we easily see that to £ r. 
We look at the //-pointer of n corresponding to the label X in t'mn: it goes to the label 
X of the move n', but since it is an element of r, this means that tonxn'x £ r. □ 

Proposition 3.11 (Comparing the two models). Let M be a Xfi-term (resp. A be a propo- 
sition^ formula) interpreted as a (resp. Aq) in our game model and as r (resp. A\) in the 
QA-game model, we have a = r (resp. A\ = Aq). 

Proof. The part concerning formulas and arenas is obtained by a simple induction. 

Concerning terms and strategies, we prove it by induction on the term M with the 
interesting cases given by the \xa.M and [a]M constructions. Since a and r are total, it is 
enough to prove tQ a. 

• The interpretation of fia.M is almost the same as the interpretation of M. 

• For a term of the shape [a]M, by induction hypothesis, if ctq (resp. To) is the interpretation 
of M in our model (resp. in the QA-model), o~q = tq. We go by induction on the length 
of a play of r for proving r C a. Assume smn £ r where n is a question, by induction 
hypothesis, s £ a. There is a unique smni in a, we want to show n and ni to be the same 
move with the same pointers in smni and in smn . Since o~q = To, it comes from a look at 
the contraction strategies on A x A — > A (A± x A2 — > Aq with meaningless indexes) in 
both models. We directly have that n and ni come from the same node in the arena with 
the same justification pointer. Concerning the //-pointers, in our model each //-pointer for 
a move in Aq coming from a move in A\ is given in a //-rigid way and goes to the move in 
A\ (and the same in the other direction). In the QA-model, this corresponds to an answer 
nx played by Opponent in Aq and copied in A\ (with a justification pointer going to the 
last Opponent move in A\ in a well-bracketed way). After folding, one obtains the same 
//-pointer. □ 

We now consider Theorem 13.101 in the particular case where arenas are trees with at most 
one label on each node and where QA-arenas never have two answers with the same father. 
This corresponds to the interpretations of types built with propositional variables, _L and 
— K 



28 



OLIVIER LAURENT 



Types. 
X* = X -> _L 

±* = ± 

(A ->■ B)* = A* ^ B* 
Typed terms. 



a* 


= a 








(Xa.M)* 


= Xa.M* 








((M)NY 


= (M*)N* 








([a]M)* 


= (M*)ai . . . a n a 


if a has type A\ — > ■ 


'->An- 


> X 


(MM)* 


= (M*) ai ...a n 


if a has type A\ — > ■ 




-> 1 


(fia.MY 


= Xa\ . . . Xa n Xa.M* 


if a has type A\ — > ■ 


■ ^A n - 


> X 


(fMX.M)* 


= Aai • • • Xa n .M* 


if a has type A\ — > • 




-> 1 



Table 5: A translation from the A/x-calculus to the A-calculus 

Proposition 3.12 (Full completeness of the QA-model). Let A be a formula built with 
propositional variables, _L and — >, and let a be a total finite label-rigid strategy on the 
QA-arena interpreting A, 

• a is the interpretation of a Xfi-term of type A 

• a is the interpretation of a X-term if and only if a is well bracketed 

Proof. These two results are known and come with direct proofs by induction on the size of 
the strategy. We give here an alternative proof using our games and the notion of folding. 

By Theorem I3,10[ a is a total finite //-strategy on A. By Theorem 12.321 a is the 
interpretation of a X/i-term M of type A. By Proposition 13.111 the interpretation of M in 
the QA-game model is a. 

Finally, a is the interpretation of a A-term if and only if the //-pointers are always going 
to the previous move. This corresponds in a to the fact that any view is well bracketed. □ 

There is a purely syntactic counterpart to these semantic results: starting from a A-- 
term, it is possible to compute the associated strategy, then to unfold it and by completeness 
(of our first model as in Section 13.21 not of the QA-game model) to get back a A-term. This 
is a translation of the simply typed A/M-calculus into the simply typed A-calculus already 
studied in |Par97| . The unfolding of arenas corresponds to a translation of simple types 
into simple types (see Table [5]). A typing judgment r h M : A \ A is translated as 
r*, A* I- M* : A* where A* is obtained by transforming any a : A\ — > ■ ■ ■ — > A n — > X into 
«i : A*, . . . , q„ : A* n , a : X, and any a : A\ —>■••• — > A n — > _L into a\ : A*, . . . , a n : ^4* . The 
translation of A^-terms is given in Table [5l 

The present analysis is developed in the context of propositional logic since the two- 
moves game model was already known. However following these ideas of folding and unfold- 
ing of arenas, one could also define a first-order two-moves game model in correspondence 
with the one-move one and providing an encoding of the //-pointers. 
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3.4. Forgetting structure. In the spirit of comparing the various game models for various 
logical systems presented before, we can define forgetful transformations between them. 

This is mainly a digressive section since the remarks mentioned here can easily be 
given without any use of game semantics. However, we find particularly straightforward to 
understand them by means of games, following the idea of the forgetful functor GR used in 
Appendix [Bj 

From Church style first-order to Curry style first-order. In type systems dealing with quan- 
tification, we usually have the choice between two main presentations: Church style systems 
and Curry style systems. The first ones are explicitly mentioning the quantification infer- 
ence rules inside terms (as we do here from the beginning) while the second ones are not 
modifying the typed term when dealing with such a rule: 

rhM:i|A r h M : VxA \ A 

r h M : ^xA | A X * r ' r h M : Z[%] | A 

From these considerations, it is absolutely immediate by starting from a Church style 
typed A/^-term of type A and by erasing the Ax._ and constructions to get a Curry 
style typed A^-term of type A. 

An example is given by: 

Ax = Vx(Vy(Ax -> Xy) -> _L) -> JL 

Mi = \f.(f{x})Ay.\d.fj,a.(f{y})Az.\a.n5[a]a 

M 2 = Xf.{f)\d.fia.{f)Xa.n5[a]a 

where Mi is of type A± in the Church style system and M 2 is of type Ai in the Curry style 
system. 

Our game models are useless at this level since we have not considered models of Curry 
style systems. Let us go to the next step. 

From Curry style first-order to classical propositional. The term language is the same for 
a Curry style first-order type system and for a propositional type system. If M is such a 
A^-term typable with type A in the Curry style first-order system, then M is typable with 
type A 1 in the system of simple types (that is in propositional logic) where A' is obtained 
by erasing all the first-order information in A (i.e. \/x.B \— > B and Xt i— > X). 

Proposition 3.13 (Church to propositional). By composing these two steps we obtain a 
X/i-term typed in the simple types system from a X\i-term typed in the Church style first- order 
system. 

Proof. If a is a first-order strategy on the first-order arena A, by removing all the instanti- 
ation information, we obtain a propositional strategy on the propositional arena obtained 
from A by removing the first-order information in labels (we remove the first-order labels 
and we apply Xt h- > X in the atomic labels). 

Through the correctness and full completeness theorems, these transformations de- 
scribed on strategies and arenas exactly correspond to the syntactic transformations going 
from Church style typed A//-terms to simply typed A/i-terms. □ 



30 



OLIVIER LAURENT 



As an example, the A//-term M2 above has type A± in the Curry style type system but 
also the type A3 = ((X — > X) — > _L) — > _L in the system of simple types. 

From classical propositional to intuitionistic propositional. It is possible to go one step fur- 
ther by erasing all the //a and [a] constructs in a simply typed A//-term of type A, and by 
transforming A into A' by mapping all the propositional variables of A to the same atomic 
formula _L. 

Proposition 3.14 (Classical to intuitionistic). This transformation gives a simply typed 
X-term from a simply typed \\i-term. 

Proof. Starting from a propositional strategy a on the arena A and by removing all the 
//-pointers, we obtain a strategy on A' in the model with one move for atoms [DHR96 
where A 1 is obtained from A by removing all the labels. 

By correctness and full completeness of these models, we derive the syntactic result. □ 

Going on with our example, while M2 has type ^3, the corresponding A-term: 

M 4 = Xf.(f)Xd.(f)Xa.a 

has type A^ = ((_L — > _L) — > _L) — > _L in the simply typed A-calculus with one atom denoted 
_L. 

The global move from the Church style classical first-order game model to the intu- 
itionistic propositional game model is nothing but the application of the GR functor (see 
Appendix [B]) . 

3.5. Linear A//-calculus. Following the definition of the linear A-calculus, the linear A//- 
calculus is one of the possible presentations of a linearized version of classical logic |Lau02[ 
Chapter 14]. A closed A//-term is linear if each variable (A- variable or //-variable) has exactly 
one occurrence (two if we count the occurrence with the binder A or ju). A typical example 
is the term Xf./j,a.(f)Xa.[a]a of type ((X — y L) — > _L) — > X. 

Since the linear A//-calculus is defined as a restriction of the A//-calculus, any model of 
the A/i-calculus is a model of the linear A//-calculus. However it is not always easy to define 
a fully complete sub-model for the linear sub-calculus. Various works on game semantics 
propose ways of going in this direction [GirOll IFH02t ILai05| by mainly asking for each move 
to be played once in a strategy. We are going to show that it is also possible to use the 
pointers (the key point being the introduction of //-pointers in our work). 

Concerning A- variables (thus A-pointers), the very natural definition of a X-linear strat- 
egy is just to ask, in the tree of views, that for each occurrence of an Opponent move m 
there is exactly one occurrence of each Player move enabled by m which is A-pointing to m. 

We apply the same kind of idea to //-pointers: a strategy is ^-linear if, in the tree 
of views, there is exactly one //-pointer from a Player move going to each atomic label of 
each Opponent move. A particular case of //-linear strategy is given by the A-strategies of 
Section 13.11 

Proposition 3.15 (Linear equivalence completeness). X-linear and [i-linear strategies give 
an equivalence complete model of the linear A//- calculus. 



Proof. Easy to check by following the proofs of Section 12.51 



□ 
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These ideas can easily be extended to notions of A-afnne and ju-afnne strategies. Notice 
that being linear or affine depends on the type associated with a strategy as shown in the 
following examples. 

Example 3.16. The simplest proof of the double negation elimination: 

h \f.na.{f)\a.[a}a : ((X -> 1) -> 1) -> X 
corresponds to a A-linear and /i-linear strategy: 

( ( X -> J_ ) -> J_ ) -► X 




By slightly modifying the type, we have to slightly modify the proof: 
h \f.na.(f)\a.(i5[a]a : ((X -»• F) -> _L) ->• X 
which corresponds to a A-linear and /i-afnne strategy (which is not /i-linear): 

( ( X -»• F ) -»• _L ) -> X 




The simplest proof of Peirce's law: 

h A/.^a[a](/)Aa.^[a]a : ((X -> F) -»■ X) -> X 
corresponds to the A-linear strategy (which is not /x-affine) already given in Example 13. 7t 

( ( X -> F ) X ) -»• X 




4. Type isomorphisms 

It is proved in Appendix lA.2l that all the equations of Table [3] are syntactic type isomor- 
phisms. We are going to prove that no other isomorphism is syntactically valid, by means 
of game semantics through the method developed in [Lau05a . 

Definition 4.1 (Zig-zag play). A play s in the arena A — > B is a zig-zag play if it is /i-rigid 
(see page LT2j) and: 
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• each Player move following an Opponent move in A (resp. B) is in B (resp. A) 

• each Player move in A following an initial Opponent move in B is A-justified by it 

• the A-pointers in s \a and s \b are the same 

We denote by s the unique zig-zag play on B — > A such that s \a = s \a and s \b = s \b- 

In order to reuse results from [Lau05aJ , we define the function GR from arenas to ground 
arenas which erases the labels of its argument. If s is a play on A, we define GR(s) as the 
play on GR(^4) obtained by erasing the instantiations and the //-pointers. We extend GR to 
sets of plays by applying it point-wise. The main properties of GR are given in Appendix ITJl 

Lemma 4.2 (Zig-zag lemma). If (a, r) defines an isomorphism between A and B in Q\, 
then they contain only zig-zag plays and r = W. 

Proof. Since (GR(cr), GR(r)) is an isomorphism between GR(^4) and GR(i?) (by Lemma lB.3l 
page |4"6]) . we already know that plays in GR(ct) and GR(r) satisfy all the conditions of zig- 
zag plays but maybe //-rigidity (see [Lau05al Proof of Theorem 9]). We also know that 
GR(cr) and GR(r) are total thus a and r are total, by Lemma IB. 141 page 1501 

We prove by induction on k that if s is a play of length k in a then s is zig-zag, s 
is in r and there is an interaction sequence u on A, B and A such that u \a^b = s and 
u \b^>a = s. It is immediate for k = since s = e and thus u = e. Let smn be a play in a of 
length fc + 2, by induction hypothesis, we have s € r and an interaction sequence u. Assume 
m is in A (the case m in B is symmetric) with a singleton atomic label (the case of an empty 
atomic label is simpler). We already know that n is in B. We define u' = uminrn' where mi 
is a copy of the move m in the first A and m' is such that u' \b-*A £ T (this move exists by 
totality of r). We have u' \a->b = smn € a thus u' \a->A £ icU- This means that in u' \a^a 
the last move m' has its //-pointer going to the previous move mi and its instantiation is the 
same as the instantiation of mi. The only way to have these properties is that m' //-points 
to n and n //-points to mi in u', and also that if x is the O-instantiation of mi, y is the V- 
instantiation of n, z is the O-instantiation of n and w is the ^-instantiation of m' in u' then 
x = y and z = w. This proves smn to be a zig-zag play. Moreover u' \a^>-a £ icU also entails 
that m' and mi are "the same move with the same pointers" thus u' \b—>A = smn € r. □ 

Theorem 4.3 (Game isomorphisms). Two arenas are isomorphic in Gi if and only if they 
are arena isomorphic (Definition \2.3(A paae[¥I\). 

Proof. We start with the first direction. By |Lau05al, Theorem 9], there exists an arena 
isomorphism / between GR(^4) and GR(S). Moreover if smn € a (with m S A) then the 
node corresponding to n in GR(-B) (thus in B) is the image by / of the node corresponding 
to n in GR(vl) (thus in A) and there exists such a play for any move m of A. 

We prove by induction on the depth of the node m in A that / maps the labels of m to 
the labels of /(m) turning it into an arena isomorphism between A and B. Let smn be the 
view in a dealing with the node m, it is //-rigid (Lemma 14. 2p . thus if Xt is the atomic label 
of m and X't' is the atomic label of n, we have X = X' and t9 m = t'0 n . Moreover m and n 
have the S£ini6 instantiation (thus first-order labels [xi, . . . ,x/^ ] and [yi, . . . , yk] of the same 
length in their respective arenas). If m is a root of A, its instantiation is [oq, . . . , Ok-i] and 
&m = {%i !-> 0o, • • • ' x k ^ °fc-i}- n i s also a root and it has instantiation [oo, . . . , Ofc-i] thus 
On = {yi 00, • • • ,Vk >-> 0fc-i}- From this we can deduce t' = i[ Vl / xl ,- ■ ■ , m / x k ] showing 
that / respects the atomic label of m and n. If m is not a root in A neither is n, and we 
assume m is an Opponent move (otherwise we work with f~ l ) so is n. Let mo be the justifier 
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of m in s (and no be the justifier of n), m and n have instantiation [oi, . . . , Oi+k-i] in smn ) and 
#m = 0mo U {xi h-> Oi, . . . , x k H> o i+fc _i} and 9 n = 6 no U {yi >->• o,, . . . , y k h-> Oj+fc-i}. From 
this we obtain that the mapping of first-order labels induced by / maps t to t' . 

The second direction is given by Lemma 12.311 page 1221 □ 

All these results can easily be extended to Q but are not required here. See Section [6] 
for possible applications of this extension. 

Corollary 4.4 (Type isomorphisms). Tabled exactly characterizes the type isomorphisms 
of the Church style first-order Xfi-calculus. 

Proof. Let A and B be two isomorphic types. They are both isomorphic to canonical forms 
Aq and Bq (see Section [L~3|) . By soundness of the game model, the arenas IAq} and [.Bo] 
interpreting Aq and Bq are isomorphic in Q\ thus are arena isomorphic (Theorem I4.3[) . We 
prove by induction on the common number of nodes of \Aq\ and [-Bo] that Aq and -Bo are 
equal up to the equations of Table [3] (so that A and B are also equal up to these equations) . 
Let / be the arena isomorphism between \Aq\ and [-Bo], / defines a bijection between the 
roots of the two arenas. If there is more than one root, Aq and Bo are conjunctions and 
each tree corresponds to one component. We apply the induction hypothesis to the pairs 
of trees whose roots are related through /. Since Table [3] contains the associativity and 
commutativity of conjunction, one obtains that Aq and -Bo are equal up to the equations. If 
[^4o] and [-Bo] are trees, Aq and -Bo are —^-canonical forms. Let [x\, . . . , x k ] and [yi, . . . , yk] 
be the first-order labels of their roots (they have the same length), their atomic label are 
either empty or Xt and Xi[ yi / Xl , . . . , Vk / Xk ]. Let Fa and Fb be the forests under these 
roots. By induction hypothesis, Fa and Fb[ Xi / yi , ■ ■ ■ , Xk / Vk ] correspond to canonical forms 
Ai<j< n Ai and /\i<i<n equal up to the equations. We can conclude since \/x{A\ 

A'^r R) and Vy f^f 1 / Xl , . . . ,» / Xk ] -> ► B n [ Vl / Xl , . . . v* / Xk \ -> S) are equal up to 

the equations (with R = S = _L if the roots of \Aq\ and [-Bo] have an empty atomic label 
and with R = Xt and S = Xt\ yi / Xli ... , Vk / Xk ] otherwise). 

Finally, by Appendix IA.2|, if A and B are equal up to the equations of Table EJ A and 
B are isomorphic. □ 



5. Krivine's REALIZABILITY 

Realizability is used in the study of the computational properties of proofs in intuition- 
istic logic. The setting introduced by J.-L. Krivine allows for the extension to classical logic 
and even set theory [KriOlJ. In particular, he showed more recently that computational 
interpretations of classical proofs can be given through a notion of games by means of his 
realizability interpretation. We are going to explain the close relation between his games 
and game semantics as presented in this paper. 

5.1. A quick introduction. In the setting of Krivine's realizability, terms are studied 
through their computational behaviour via a notion of execution very similar to what hap- 
pens in Krivine's abstract machine |Kri07| . 

A state is a pair of a Curry style A/i-term M (see Section I3.4p and of a stack ir: 

ir ::= e I a I M.tt 
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Such a state is written M txi tt and the execution is given by a relation y between states: 

Xa.M 00 N.ir y M[ N / a ] M vr 
(M)N mtt^Mm AT.tt 
/ua.M ex 7r >~ M[^/ a ] xi e 
[a]M tx} e >- M cxi a 

where M[ M i~ M *- e / a ] = M^^-^/mjv] and M[ M ^- M ^/ a ] = M[W {N)Ml - Mk / [a]N ]. 
Through the following embedding of states into A/x-terms: 

M :>: M, ... M k .e (->• (M)Mi . . . M fc 

M M Mi . . . M k .a \-> [a](M)Mi ...M k 

these execution rules are simulated by the (3/ip reduction. 

5.2. UVA provability game. In this section we give a straightforward adaption of results 
in [Kri06l pages 77-86] to our setting. We introduce the notion of UVA game. 

A position is a triple (U, V, A) where U and V are sets of formulas in — ^-canonical form 
and A is a set of non-constant atomic formulas. 

An Opponent move consists in choosing a formula \/x(A\ —)■•••—> A n — > R) in V and 
first-order terms t. We then go to the position (U U {Ai f/g] ,...,A n f/g]}, V,AU {Rf/g]}) 
iSR^± and (U U {A 1 f/g] ,...,A n V, A) otherwise. 

A Player move consists in choosing a formula Vx(Ai A n — > R) in U and 

first-order terms t such that, if R ^ _L, R^/g] is in A. We then go to the position 

(U,{A 1 f/ s ],...,A n f/g]},A). 

An initial position is a position with IA = A = (in particular the initial position 
associated with a formula A is (0, {^4i, . . . , A n }, 0) if the canonical form of A is /\ 1<i<n Ai). 
A final position is a position with V = (it corresponds to positions where Opponent cannot 
play). 

A play is a (possibly empty) sequence of moves in which players alternate and which 
starts from an initial position by an Opponent move. If an initial position is given, Player 
is said to have a winning strategy if he is able to choose his moves in such a way that he is 
always able to play and to eventually reach a final position (meaning that Opponent wins 
in infinite plays). 

The main property of UVA games is the following theorem of Krivine: 

Theorem 5.1. A is a provable formula if and only if there exists a winning strategy for 
Player in the associated UVA game. □ 

More precisely, if M is a Curry style A/i-term of type A, M implements a winning 
strategy for Player in the UVA game associated with A: 

With each formula A we associate a A-variable oa and with each non-constant atomic 
formula R we associate a /^-variable cxr. If M has type A = Mx{A\ —>•••—> A n — > R), we 
choose first-order terms t and we look at the execution of M co o^riy i • • • a A n f/g]' a Rft/ ] ( or 
with e instead of a m?/ 3 1 if -R = -L). It is shown that execution will stop in a state o^.rf/j x tt 

with -k = Mi... M k .a if Aif/g] = \/y(Bi -)• ► B k ->• 5) (or with e instead of a if 5 = _L). 

There exists a choice of first-order terms u such that for any choice of 1 < j < k and any 
choice of the first-order terms v with Bj[ u /^\ = \/z{C\ — >• • • • — > C p — > T), the execution of 
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Mj m a CiP/z-] ■ ■ ■ a c p/-] - a Tp/ ? ] wu l stop in a state cld x vr' and so on... Whatever choices 
(for j and if) we make between the steps of this sequence of runs, it will stop in a state 
a x a (or a X s). 

If we interpret execution steps (with the choices of it) as Player moves and index choices 
(with the choices of v) as Opponent moves, this shows that a Curry style A//-term of type A 
induces a winning strategy for Player in the UVA game associated with A: each sequence 
of runs is a play in this game. 

5.3. Relation with game semantics. We are now going to extend the previous corre- 
spondence between execution of terms and the UVA provability games to a correspondence 
between execution and our game model by just a slight modification on the execution se- 
quence. This correspondence is in fact the starting point of the present work on game 
semantics. 

The modifications we have to do concern the use of Church style A/x-terms and the 
possibility of recovering pointers in games. 

The explicit use of first-order terms in the construction of A/i-terms corresponds to the 
following execution rules: 

Ax.M X t.TT y Mp/cc] X 7T 
M{t} X 7T >- M X t.TT 

where stacks are extended with the construction t.TT. 

With each formula A we associate a denumerable set of A-variables (a^)z G N an d with 
each non-constant atomic formula R we associate a denumerable set of /U-variables (a l R )i^. 
Starting with a Church style A//-term M of type A = \/x(A\ —>■•••—>• A n — > R) with x of 
length n' , we proceed as follows: 

• We start with a state: M X U . . . t„i.a . „-, , . . . a\ , t , ,.orL„-, , . 

Ai[y s ] A n [*/ S ] R[*/g] 

• When execution stops (for the ith time) in a state: XI u\ . . . uy.M\ . . . M^.a with B = 
\/y{B\ — >• • • • —7- B}~ — > S) (with e instead of a if S = _L), we choose first-order terms v and 
an index 1 < j < k and we start a new execution Mj cxi vi . . . vw.a^ , , . . . a 1 ^" , , , n 

where Bjf/g] =\/z{d^ >C P ^T) (with e instead of a™}/-] if T = _L). 

An important point in the choice of the a l A s and a^s is that they are always fresh (i.e. not 
used yet). 

Such an execution sequence can be interpreted as a play (as defined in Section I2.2p 
where Opponent moves are given by the choices (v± . . . v v i.a 1 ^ w , , . . . a!^L, i-a£t#; i for ex- 

ample) and Player moves are given by the results of executions (a 1 ^ xi u\ . . . u^.Mi . . . M^.a 
for example) . More precisely we can rebuild a view with its pointers and instantiations from 
such a sequence. We consider only the case where first-order terms introduced in Oppo- 
nent moves are fresh variables (by innocence, this is enough to recover the corresponding 
strategy). 

Since we focus here on — ^-canonical forms, the corresponding arenas are trees, and the 
starting state M X x\ . . . x^'.a 1 . <f , , . . . a\ ,?, , is interpreted as Opponent playing 

the root of this arena with instantiation x (a 1 - ...a and a 1 r, are given as 

Al[ I Si A n [ I x\ R[ I x\ 

possible targets for future pointers). From that point, a result of execution of the shape 
a X] u\ . . . Ufc/.Mx . . . Mfc.a is interpreted as a Player move: its A-pointer is going to the 
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Opponent move m where a has been introduced (and let % be its position in the state 
corresponding to m), the move n itself is the zth son of m in the arena, the instantiation 
is u and the //-pointer is going to the move where a has been introduced (if we have e 
instead of a, there is no //-pointer). The next starting point of execution Mj ix y\ . . . y p i.ir 
is interpreted as Opponent playing the jth son of n in the arena with a A-pointer going to 
the previous move n (as required for a view) and instantiations y. 

Proposition 5.2. We obtain this way a view on the associated arena if Opponent plays its 
instantiations according to (oj),^. 

Proof. We build the view s by induction on the length of the execution using the fact that 
types are appropriately preserved along the execution (as shown through the embedding 
into the A/i-calculus given in Section f5 . 1 1) : 

• The starting state of the shape M ixi oq . . . o n >-\.a\ , 3l , . . . a. , 3 , ,.qL, , is interpreted 
as a valid Opponent initial move m on the arena associated with A. s is just this move. 
Moreover, this defines a substitution 6 m = {x\ i— >• oq, . . . , x n i i— > o n '_i} as in the definition 
of plays. 

• If we arrive at a state a q B to u\ . . . ui-i.Mi . . . M)..a% , let m be the move of s corresponding 
to the state where a q B has been introduced and let i be the position of a q B in the sequence 
a in this state. Let n be the node of the arena A which is the ith son of the node 
corresponding to m in A, we extend s with n with a A-pointer going to m (this is a correct 
A-pointer). By preservation of typing in the execution, B is of the shape Vyi . . . \/yy{B\ — >■ 
• • • —¥ Bf, —¥ S'). This means that the node n in A has a first-order label of length k' and 
has k sons. As a consequence, u\ . . . uy is an appropriate instantiation for the move n, 
and we can define 6 n = # m U {y\ \-t ui, . . . , yy h4 The atomic label of n in A is So 
with So# n = S'[ Ul / yi , . . . , Uk ' jy ,] = S = Si9 m > where S*i is the atomic label of the move 

m corresponding to the state where a s has been introduced. It is then valid to put a 
/i-pointer from n to m' and sn is a correct view in A. 

• Almost the same with a state a q B ixi u\ . . . uy .M\ . . . M^.e but without //-pointer. 

• In order to run the execution again, we build a new state: 

Mj co Oi . . . Oi +p '-i.a l Ci p/^ . . . a l Cp yv / ? ]- a Tp, / g ] 

(which respects the types). This corresponds to playing the jth son m of the node 
corresponding to the last move of s with a A-pointer going to it and an instantiation 
[oi . . . Oj_|_p'_i] where m has a first-order label of length p' in A. This proves sm to be 
correct view on A. □ 



6. Extensions and additional comments 

We have chosen to work, on the syntactic side, with a natural deduction system (the 
A//-calculus) . Another possibility would have been to deal with a sequent calculus system 
(as in [Lau05bj for example). It would not make very important differences. The notion of 
proofs in canonical form in the sequent calculus is given by cut-free proofs with expanded 
axioms (introducing only non-constant atomic formulas). In this context, //-pointers would 
precisely correspond to these atomic axioms connecting together two dual occurrences of 
an atomic formula. In |Lau05b| . an encoding was required and //-pointers were somehow 
the missing data. 
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Another specific choice was to deal with a A^-calculus without disjunction or negation. 
Negation is easily definable through —>A = A — > _L and disjunction can be introduced as 
in Selinger's calculus [SelOl] with two new term constructs: n(a,/3).M and [a,0\M. The 
associated typing rules are: 

T,a: Ah M : ± \ A T h M : ->A | A T h N : A \ A 

r h ia.M : -.A | A r h M • N : _L | A 

rhM:iV5|A,a:,4^:B rr-M:±|A,a:A,/3:B 



T h [a,/3]M : ± | A, a: A,P : B TV- [i(a,p).M : A V B | A 

All the required material for interpreting these extensions is already given in the game 
category Q we have described. In particular, the interpretation of disjunction makes Q\ not 
big enough and requires us to work with the full control category Q (as done in |Sel01] ). 

The explicit treatment of these extensions would require some additional work on the 
syntactic side, in particular for the notion of canonical form. However no surprise would 
come from this and the results presented in this paper would extend without any particular 
problem. We can mention that, concerning type isomorphisms, the following equations 
would be derived: 

A V (B V C) = {A V B) V C 

Ay B = By A 
A V _L = A 
A V (B A C) = {A V B) A {A V C) 
iVT = T 

A yVxB = y X (A y B) x<£A 
-i(A A B) = ^Ay^B 
-iT = JL 
A -> B = -iA V B 



Enumerated data types such as Bool or Nat are usually interpreted in game semantics 
by QA-arenas with one root (a question) which has as many sons (which are answers) as 
elements of the data type (possibly an infinity) . The traditional approach of game semantics 
is to build everything from these enumerated data types without any use of atomic formulas. 
We have shown in Section 13.31 how the label-rigidity constraint makes answers exactly as 
expressive as //-pointers. It would be interesting to relax this constraint to deal with systems 
with both enumerated data types and atomic formulas. Some work has already been done 
in [HL06] to understand the expressive power of various possible restrictions on the use of 
answers (in particular some are weaker than label-rigidity). This would help to understand 
more precisely the possible applications of /i-pointers to the semantics of programming 
languages in relation with extensions of PCF with control operators (starting from [Lai97j 
and [LaiOlj ). 

The question of introducing enumerated data types in Krivine's realizability as been 
considered in jBef04j . It would be nice to also extend the correspondence between games 
and realizability to data types. 
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Let us now look at the most natural logical extensions of this work. Concerning first- 
order logic, it would be important to introduce the equality predicate and to be able to 
deal with given equational axioms and not only with the free first-order language. Once 
again this could be developed in relation with what happens in Krivine's realizability. What 
makes such an extension difficult is the requirement of some dynamism in arenas: an arena 
has to dynamically evolve during a play according to the moves of the players. Concerning 
equality, it is just a matter of a node being able to disappear (when an equational atomic 
label t = u of a node becomes true). 

This dynamics induced by moves on arenas is at the core of the game interpretations 
of (propositional) second-order logic (see [Hug97 ldL07| for example). Being able to mix 



our work with second-order interpretations is the main direction for future work leading 
to an equivalence complete game model of full second-order logic. An immediate conse- 
quence would be the associated characterization of type isomorphisms. We conjecture the 
corresponding equational theory to be the union of ours with the second-order one given 
in [dLu8] , together with Vx\/XA = VXVxA. 
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Appendix A. Some properties of the A/i-CALCijLus 

A.l. Canonical normal forms. A A/U-term M is simple if it is in the grammar: 

M ::= a \ Xa.M | (M)M | fia\0\M | Ax.M | M{t} 

We first remark that any typed A^-term without pairs, projections or * is equal to a typed 
simple Xp-teim up to p: we choose a particular fresh variable £ of type _L, we transform any 
[a]M into p£[a]M (by [a]M = p [£]/4[a]M = p fi£[a]M) and any fxa.M into fia[£]M (since 
M must be of type _L). To see that the result is typed, we add £ : _L to the right-hand side 
typing context. 

Our goal is to show the existence of a canonical normal form for any typed simple 
X/i-teim. We are going to adapt results coming from |Py98[ Chapter 5]. We recall the 
reductions defined in that work in Table El Notice that they are all validated by the f3r]fj,p6 
equational theory. The only interesting case being the i^-reduction: 

fia.M = v Xa.(pa.M)a = M Xa.fj,a.M[ [a](L)a / [a]L ] 

However, in a typed setting, the ^-reduction cannot always be applied (it requires fia.M to 
be of arrow type), so that we cannot directly apply the results of |Py98| . 

A simply typed simple A/i-term M of type A = A\ —>■••• — > A n — >■ X is in canonical 
normal form if M = Xa\ . . . Xa n (j,a[f3] {b)M\ . . . with of type Ai, a of type X, (5 of type 
y, b of type B and Mj canonical normal form of type Bj (with B = B\ — > ■ ■ ■ — > Bj- — >■ Y). 

Lemma A.l (Canonical normal form (simple types)). Let M be a simply typed p-closed 
simple Xfi-term, there exists a canonical normal form which is fir\\ipQ equivalent to M . 
More precisely turning M into a canonical normal form only requires f3 p pv -reductions and 
r]8 '-expansions. 
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Proof. The /3 /^-reduction is normalizing [Par97], so that we can concentrate on /3//p-normal 
forms. 

We first prove, by induction on the size of A = A% — > ■ ■ ■ — > A n — > X, that if a is a A- 
variable of type A then it /^-expands into a canonical normal form: by induction hypothesis 
applied to the A- variables ai of type Ai, we obtain the canonical normal forms Mj, and we 
have: 

a <—~g Aai . . . Xa n pa[a](a)ai . . . a n ^— * e Acq . . . Xa n pa[a](a)Mi . . . M n 
By induction on the size of N, we prove that any /3/ip-normal form N of type A is f3rjpp6 
equivalent to a "pre- canonical form, that is a A/x-term of the shape Xp(b)M\ . . . where Xp 
is a sequence of As and p[]s ending with a p[] and containing no pair of consecutive p[]s, 
Mj is a pre-canonical form of type Bj, and moreover b is of type B = B\ — y ■ ■ ■ — > Bf, —¥ Y 
(that is each variable has as many arguments as possible). 

If N is a /3/U/>normal form (note that it immediately ensures the elimination of consec- 
utive p[]s), under a bunch of As and p[]s, we find a term of the shape Ao = {b)M\ . . . M p 
with b of type B = B\ — ^ • ■ ■—>• B^ — > Y and p < k. If p = k, either A^o is un- 
der a and it is in pre-canonical normal form or iVo is under a A and we apply a 6- 
expansion to iVo- If p < k, we replace A^o by Aq (which is equivalent to it) obtained from 
Xb p+ i . . . A6fc/U^[^](6)Mi . . . Mpb p+ i . . . 6& (£ fresh) by replacing each bj by its canonical nor- 
mal form (using the first result above). Finally we replace each Mi by its pre-canonical 
form (using the induction hypothesis). 

Notice that, in a pre-canonical form M, if a is of type A — >• B and [a]N is a sub-term of 
M then starts with a A: otherwise it could only be a /i (but it would not be p- normal), or 
of the shape (c)L (but such a sub-term of a pre-canonical form under a [] is always of atomic 
type). This remark allows us to define the following modified ^-reduction on pre-canonical 
forms: 

fia.M Xa.pa.M [ [a]L / [a]X a. L } 

if a is of arrow type. 

We finally prove the lemma by showing that any pre-canonical form M is equivalent to 
a canonical normal form. We prove this by induction on the sum of the sizes of the types 
of the /^-variables in M. If all the types of the /z-variables of M are atomic, then M is in 
canonical normal form. Otherwise, let pa.N be a sub-term of M of arrow type (remember 
that the A/x-term is //-closed), we apply a ^-reduction, this makes the induction size decrease 
but we are not sure to obtain directly a pre-canonical form again: we may have to apply 
some p-reductions to have a pre-canonical form, but these reductions terminate (the size of 
the A/i-term decreases) and do not make the induction size increase. □ 

In order to extend this result to the first-order case, we first define an embedding of 
simple Xp-teims typed in first-order logic (without A or T) into the simply typed Xp- 
calculus. We consider an injective embedding of first-order function symbols, first-order 
variables and A- variables into A-variables (we still denote by /, x and a the translation of 
/, x and a), and an embedding of relation symbols into 0-ary relation symbols (the image 
of X will be denoted by X). Moreover we choose two particular atomic types O and F. 
The translation is given in Table [71 

We extend the modified ^-reduction to first-order constructs: 

pa.M ^ v Ax.pa.M[^ L / [a]Ax , L ] 
if a is of type \/xA and all the occurrences of [a] in M are followed by Ax. 
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1* 


= F 


a* 


= a 




= X 


(Xa.M)* 


= Xa.M" 




= A* ^ B* 


((M)N)* 


= (M*)N* 


(VxA)* 


= O^A* 




= fia[(3]M* 






(Ax.M)* 


= Ax.M* 


X* 




(M{t})* 


= (M*)t* 


(fh...t k y 









Table 7: A translation from first-order typing to simple types 



Lemma A. 2 (Properties). The translation (.)* has the following properties: 

• If r h M : A | A i/ien A, T* h M* : ^4* | A* ; where T* contains the translations of the 
typing declarations in T and typing declarations x : O for (at least) the free first-order 
variables of M, and A contains a typing declaration f : O k — > O for each function symbol 
f of arity k occurring in M . 

• (M[7 X ])* = M*f/ X ] 

• There is a one-to-one correspondence between the source and the target language for 
(3 -reduction, ^-reduction, p-reduction, v -reduction, n-expansion and 9 -expansion. This 
means that if — > is one of these rewriting rules, we have both simulation (if M —> N 
then M* — > N*) and co-simulation (if M* — > C, there exists N such that C = N* and 
M -> N). 

Proof. 

• We first show that A, T* h t* : O | A* if T* contains typing declarations x : O for (at 
least) the free first-order variables of t and A contains typing declarations for the function 
symbols occurring in t: 

A,r*,x : O h x : O \ A* 



A, T* h / : O k ->• O | A* A, T* h t\ : O \ A* 
A,T* h (/)t* : O^ 1 O | A* 

A, r* h (/)t* . . . : O -> O | A* A, T* h t* : O | A* 

A,r* h (/)<?...*£ :0| A* 
The only two interesting cases of A/i-terms are for first-order constructs: 

A,r*,x : O h M* : A* \ A* 

A,r* h ax.m* rem* | A* 

A, T* h M* : O ^ A* \ A* A, r* h i* : O \ A* 
A, T* h (M*)t* : A* \ A* 
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• We first check that (tt[*AD* = u*[ l /x] for first-order terms. Then we work by induction 
on M, with only one interesting case: 

(MMIV.D* = (AT[*/,]K/J})* 
= (M [*/,]>[»/„]* 
= (Af*f /«])«*[**/„] 
= (M>*fA>] 
= W)f/J 

• We first prove the simulation results. For redexes without first-order construct, the result 
is immediate, for the other ones we have: 

— (Ax.M){t} — becomes (Xx.M*)t* M*[** / x ] and we apply the previous 
result 

— M <- v Ax.M{x} becomes M* Xx.(M*)x 

— (pa.M){t} — ^ pa.M[^ L ^/ [a]L ] becomes (jux.M*)t* ->> pa.M*[WW* / [a]L ] and we 
conclude from the fact that []s are not modified by the translation 

— pa. M Ax.pa.M[^ L / { 

o]Ax.l] becomes pa.M* — Xx.pa.M*[^ L /\ a \\x.L\ since each 
Ax under a [a] becomes a Ax and \/xA becomes O — > A*. 

• We now look at co-simulation for each rewriting rule: 

— If M* contains a /3-redex, either both A and application are already present in M 
and the result is immediate, or they both come from the corresponding first-order 
constructs and we can apply the simulation result, or exactly one come from a first- 
order construct and this would be a typing error in M. 

— If M* contains a p-vedex, either the application is already present in M and the result 
is immediate, or it comes from a first-order application and we can apply the simulation 
result. 

— If M* contains a p-redex, so do M, and the result is immediate. 

— If M* contains a u-redex starting with pa, so do M, and we can apply the same 
reduction in M (with a A if a is of type O —> A and with a A otherwise). Finally we 
conclude with the simulation result. 

— If M* r/-expands to Xa.(M*)a then N = Xa.(M)a and if M* ^-expands to Xx.(M*)x 
then N = Ax.M{x}. We conclude with the simulation result. 

— By the simulation result, the case of a ^-expansion is immediate. □ 

A simple A/i-term M of type A = Vxi . . .\/x p (Ai — » • • • — > A n — > R) is in quasi canonical 
normal form if M = Ax\ . . . Ax p Xa± . . . Xa n pa[j3\{b{ti} . . . {t q })Mi . . . Mk with at of type 
A{, a of type R, (3 of type S^ 1 / yi , ■ ■ ■ , tq / y ], b of type B and Mj canonical normal form 
of type B$ 1 / yi , / yq ] (with B = Vyi . . . Vy q {Bi -> • • • -> B k ->• S)). A canonical 
form is obtained from a quasi canonical normal form by removing the fis and []s acting on 
//-variables of type _L. 

Proposition A. 3 (Canonical normal form). Let M be a typed p-closed simple Xp-term, 
there exists a canonical normal form which is (3r]pp9 equivalent to M . 

Proof. We first show how to obtain quasi canonical normal forms. We translate M into M* 
and we apply Lemma lA.ll to get a simply typed canonical normal form C. By Lemma lA.21 
(since going from M* to C requires only /3/xpi^-reduction and r/0-expansion) there exists a 
Xp-teim N equivalent to M and such that A^* = C. Going from C to N transforms some 
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As into As and some applications into first-order applications, but using the type we can 
see that we do not have choices: the As are all arriving before the As (for each bunch of As 
of C) and the same for applications. As a consequence N is a quasi canonical normal form. 

Finally, if the quasi canonical normal form M contains some (mx[/3] with a of type _L 
we apply pa[(3]N = p [a\pa[p\N = p \J3]N, and if M contains some [a]N with a of type _L, 
we erase the [a] by p. □ 



A. 2. Isomorphisms. The notion of isomorphism is very standard in algebra and in cate- 
gory theory. There is a natural corresponding notion in extensions of the A-calculus [DC 76] . 
We consider such an extension of the A-calculus endowed with the equational theory on 
terms generated by the reduction rules (containing the /3rj equality). The term M is an iso- 
morphism if there exists a term N such that Xx.(M)(N)x = Xx.x and Xy.(N)(M)y = Xy.y 
(we say that M and N give an isomorphism pair). 

In a typed setting (i.e. if the calculus comes with a type system extending the simply 
typed A-calculus), we can consider isomorphisms between types [DC95]. The types A and 
B are isomorphic if there exist two terms M and N such that \- M : A— t B, \- N : B — ¥ A 
and M and N give an isomorphism pair. The main question about type isomorphisms is 
usually to find the equational theory characterizing them in a given calculus. 

Proving that a given equation on types is a valid isomorphism only requires us to exhibit 
a pair of typed terms (of appropriate types) and to prove that their compositions in both 
directions are equal to the identity up to the appropriate equational theory on terms. 

This is what we are looking at here with the Church style first-order A/U-calculus with 
terms equal up to the /3rjnp8 equality. 

Proposition A. 4 (Syntactic isomorphisms). For each equation of Tabled the Table 
gives such a pair of terms validating the equation. 

Proof. This proof is left to the reader. We just give one example (for the equation \/x(A A 
B) = MxA A Vx-B) of the kind of computation we have to apply: 

Xc.(Xa.(Ax.iTia{x}, Ax.iT2a{x}))(Xa.Ax.{(TTia){x}, (iT2a){x}))c 

=p Xc.(Xa.(Ax.iria{x}, Ax.7T2a{x}})Ax.((7ric){x}, (7T2c){x}) 

=3 Ac.(Ax.7ri(Ax.((7ric){x}, (ir 2 c){x})){x}, Ax.7r 2 (Ax.((7ric){x}, (tt 2 c){x})){x}) 

=p Ac.(Ax.7Ti((7ric){x}, (7r 2 c){x}), Ax.7r 2 (Ax.((7Tic){x}, (7r 2 c){x})){x}) 

= 3 Ac.(Ax.7Ti((7Tic){x}, (7T 2 c){x}), Ax.7T 2 ((7Tic){x}, (7T 2 c){x})) 
=P Ac.(Ax.(7Tic){x}, Ax.7T 2 ((7Tic){x}, (7T 2 c){x})) 

=g Ac.(Ax.(7ric){x}, Ax.(7r 2 c){x}) 

= v Xc.(lTlC, Ax.(7T 2 c){x}) 
= v Xc.(-K\C, 7T 2 c) 
=rj Xc.C 

□ 
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\a.({iria, 7rivr 2 a), 7r 2 7r 2 a) : A A (B A C) -> (A A B) A C 
Aa.(7Ti7Tia, (7r 2 7ria, 7r 2 a)) : (A A B) A C -> A A (B A C) 

Xa.iria : A A T — > A 
Aa.(a,*) : A -> ^4 A T 

Aa.7r 2 a : T A ^4 — > A 
\a.(*,a) :A^TAA 

\a.Xb.Xc.{a)(b, c) : ({A A B) -> C) -> A -»■ B -> C 
Aa.A6.(a)^6^ 2 6 : (A -> B ->• C) ->• (A A 5) -> C 

Aa.(a)* : (T ->• A) -> A 
Xa.Xd.a : A -)■ T — s- A 

Aa.(A6.7ri(o)6, A6.7r 2 (a)6) :(i^(BA C)) -> (A -> B) A (A C) 
Aa.A6.((vria)6, (7r 2 a)6) : ((A -> B) A (4 -> C)) -> 4 -> (B A C) 

Aa.* : (>1 -» T) -> T 
Xa.Xd.a : T — > A -> T 

Aa.(Ax.7Tia{x}, Ax.7r 2 a{x}} : Vx(A A B) — > VxA A VxB 
Aa.Ax.((vria){x}, (7r 2 a){x}} : (VxA A VxB) -> Vx(A A B) 

Aa.* : VxT — > T 
Aa.Ax.a : T — > VxT 

Aa.Ax.A6.((a)6){x} : (4 — >• VxB) -)■ Vx(A -> B) 
Aa.A6.Ax.(a{x})6 : Vx(A -> B) ->■ A -> VxB 

Aa.(7r 2 a, 7ria) : A A B — » B A ^4 
Aa.(7r 2 a, 7ria) : B A ^4 ->■ A A B 

Aa.Ay.Ax.a{x}{y} : \/xMyA — > \/y\/xA 
Aa.Ax.Ay.a{y}{x} : MyixA — > \/x\/yA 

Table 8: Isomorphisms 



The difficult point about type isomorphisms is always the opposite direction: showing that 
all the equations have been found. This is the purpose of Section [H 
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Appendix B. Categorical properties of games 

Let A be an arena without any label (such an arena is called a ground arena), strategies 
on A are exactly those defined in [DHR96, Lau05b]. In particular ground arenas and 
strategies allow us to define a category Qqq (this is the category also used in Section I3.2[) . 

We define the function GR from arenas to ground arenas which erases the labels of its 
argument. If s is a play on A, we define GR(s) as the play on GR(A) obtained by erasing 
the instantiations and the /i-pointers (and the same with interaction sequences). We extend 
GR to sets of plays by applying it point-wise. 

Lemma B.l. Let a : A be a strategy, i/sm E a and tn E a with GR(s) = GR(t) then there 
exists an O-renaming q such that sm = tn^. 

Proof. We prove it by induction on the common length of sm and tn. If GR(mini2) = 
GR(nin2) then mi and ni are Opponent moves corresponding to the same initial move in 
A, thus they can only differ on their O-instantiations [x%, . . . ,Xk] and [yi, . . . ,yj~] (which 
must have the same length k). We consider q such that q(yi) = x%, q(yk) = Xk- We have 
mi = ni<j, mini2 E a, nin2 G a thus nin2? G a (by uniformity), and finally mini2 = nin2<r by 
determinism. In a similar way, if GR(smini2m3) = GR(tnin2n3) then GR(s) = GR(t) and by 
induction hypothesis smi = tn\q. Moreover ni2 and n2 are Opponent moves corresponding 
to the same move in A, they have the same justification pointer and thus they can only 
differ on their O-instantiations [xi, ■ ■ ■ , Xk] and [yi, . . . , y&]. We modify q into q' in such a 
way that q'(yi) = x%, q'{yk) = %k and q and q' agree on the O-variables appearing in tni. 
We have smiiii2 = tnin2?', smim2in3 G a, tnin2n3 G a thus X.xix^^q' G a (by uniformity), 
and finally smim2m3 = X^x^^q 1 by determinism. □ 

Lemma B.2 (Preservation of strategies). If a is a strategy on A, then GR(cr) is a strategy 
on GR(A). 

Proof. It is immediate that GR(cr) is a non-empty set of even length plays which is closed 
under even length prefixes. 

If sm = GR(tim') and sn = GR(t2n') with tim' G a and t^n' G a. By Lemma IB.R 
tim' = t2n'<^ for some O-renaming q. As a consequence sm = sn. 

There is nothing to say about uniformity since moves in GR(cr) have no instantiation. □ 

Lemma B.3 (Preservation of composition and identity). Let a and r be strategies on 
A^ B andB^C, GR(a ; r) = GR(ff) ; GR(r) and GR(id^) = id GR(A) . 

Proof. We first prove the inclusion GR(<r ; r) C GR(cr) ; GR(r). Let s be a play in GR(a ; r) 
coming from the interaction sequence u. GR(u) is an interaction sequence on GR(A), 
GR(B) and GR(C7) with GR(u \ A ^ B ) = GR(u) \ A ->B, GR(u \ B ^ C ) = GR(u) \ B ^c, and 
GR(u \ a _+q) = GR(u) \ a _+q. Since GR(s) = GR(u) \ a _+q, we conclude GR(s) G GR(cr) ; 
GR(r). 

Concerning GR(<t);GR(t) C GR(<r;r), we consider an interaction sequence v on GR(A), 
GR(B) and GR(C) with v f G R(A)->GR(i?) = GR(s) (s G a), v f G R(B)^GR(C) = GR(t) 
(t G t). By applying an O-renaming if required, we can assume that the O-variables 
appearing in s and t are different. We build from v an interaction sequence u on A, B and 
C in the following way: if m is a move in C, we add on it the /i-pointers and instantiations 
coming from t, if m is a move in A, we add on it the //-pointers and instantiations coming 
from s, if m is a move in B, we add on it the //-pointers and instantiations coming from 
both s and t. We can check that u \ A ^,c G V a _+q so that u \a-+c S a ; r (the only point 
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to verify is the condition relating //-pointers and atomic labels, but it comes easily). This 
gives v t G R(A)->GR(C) = GR(u \a-+c) G GR(cj ; r). 

The case of the identity is immediate by definition of id^. □ 

Lemma B.4 (Zipping). Let a : A — > B and r : B — > C 6e too strategies, let u and v 6e two 

interaction sequences on A, B and C such that u \a-*b G a, v fyi-^B G cr, u Is^c* G T and 
v t.B->c G t, the first move which differs between u and v is an Opponent move in A — > (7 . 

Proof. This is the very natural extension (with //-pointers and instantiations) of the usual 
result for HO/N games proved by induction on the length of the maximal common prefix 
of u and v, using the determinism of a and r (see |Lau05aj for example). O 

Lemma B.5. The identity is a strategy, and the composition of two strategies is a strategy. 

Proof, idyi is a non-empty set of even length plays which is closed under even length prefixes. 
It is clearly uniform. It is deterministic: if sm € id^ and sn 6 id^, the node in A underlying 
m and n is the same and the justification pointers are the same since GR(id y i) is a strategy 
(Lemma IB.3|) . and the //-pointers and the instantiations are the same by definition. 

Let a : A — > B and r : B — > C be two strategies, a ; r is a non-empty set of even length 
plays which is closed under even length prefixes. 

If sm € a ; r and sn £ a ; r, let u be an interaction sequence corresponding to sm and v 
be an interaction sequence corresponding to sn, by Lemma \BA\ one of u and v must be a 
prefix of the other. As a consequence sm = sn since they have the same length. 

Let s be a play in a ; r, u be a corresponding interaction sequence and q be an O- 
renaming, we define <r' as an O-renaming which coincides with q on the O-instantiations 
of u in A and C (so that s^ = s<r') and which maps O-instantiations of u in B to fresh 
O-variables (neither appearing in u nor in the image of the O-instantiations of u by ?). u?' 
is an interaction sequence on A, B and C such that u<j' \a->b = u \a^b^' G <t, u^' [b^c = 
u Ib-^CS 1 G r, and u?' \a->C = s<?' = s<j, thus s? € o~ ; r. □ 

To turn arenas and strategies into a category, we still have to show the composition to 
be associative and the identity to be neutral for composition. 

Proposition B.6 (Category of strategies). Arenas and strategies define a category. 

Proof. Let a : A — > B, r : B — >■ C and p : C —¥ D be three strategies, by Lemma IB.31 
we know that GR((cr ; r) ; p) = GR(er ; (r ; p)). This means that we only have to look 
at /i-pointers and instantiations to show that (a ; r) ; p = a ; (r ; p). We just sketch the 
arguments (a more precise proof would go through a zipping lemma [Har99l Lemma 3.2.3]). 

If sm G (<t ; r) ; p with m £ A equipped with a //-pointer to a move in D, it is obtained by 
following //-pointers through B in an interaction sequence coming from the composition cr;r 
until arriving in C and then by following //-pointers in C in an interaction sequence coming 
from the composition (er; r) ; p until arriving in D. In a ; (r ; p), this //-pointer is obtained by 
building a //-pointer p from B to D by following the //-pointers through C in an interaction 
sequence coming from the composition r ; p and then by following //-pointers from A to the 
source of p through B in an interaction sequence coming from the composition a ; (r ; p). 
This means that in both case we build a path going from A to D through moves in B and 
C in the same way, and thus we obtain the same //-pointer. 

Concerning instantiations, they are built by applying an O-substitution $i correspond- 
ing to pairs of O-instantiations and ^-instantiations in B and an O-substitution $2 cor- 
responding to pairs of O-instantiations and ^-instantiations in C. By disjointness of the 
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0-instantiations in B and C, applying first i?i and then $2 or the converse leads to the 
same instantiations in (cr ; r) ; p and a ; (r ; p). 

The neutrality of the identity with respect to composition is easy and left to the reader. 

□ 

Lemmas IB.2I and IB, 31 show that GR defines a functor from the category of arenas and 
strategies to the full sub-category of ground arenas and strategies. 
We are now able to prove Proposition 12.151 (page fT^) . 

Lemma B.7. Let a be a view function, r VC(o")~ l = a. □ 

Lemma B.8. Let a be an innocent strategy, VC( r cr~ l ) = a . 

Proof. By definition, there exists a view function r such that a = VC(r) thus: 

VC( r c7 n ) = VC( r VC(r) n ) 

= VC(r) by Lemma IB .71 

= a 

□ 

Lemma B.9 (Composition of view closures). Let a be a view function on A — > B and 
t be a view function on B — > C ' , there exists a view function p on A — >• C such that 
VC(cr) ; VC(t) = VC(p). 

Proof. In the usual setting of games for extensions of the simply typed A-calculus, there is 
a well known direct characterization of innocent strategies, and they are known to compose 
(see [McC96l IHar99| for example). This tells us that VC(cr) ; VC(r) = VC(p ) with p = 
r VC(cr) ; VC(t) -1 (since our definition of pre-view is the usual definition of view and our 
definition of view closure is the usual one). 

What remains to be checked are our constraints on first-order instantiations which are 
not present in the traditional setting. More precisely, we define p = r VC(o") ; VC(r) -1 and 
we have to show that p is a view function such that VC(p) = VC(po). p is a non-empty set 
of even length views closed under even length prefixes. Moreover p C p Q since po is closed 
under O-renaming (by uniformity of VC(cr) ; VC(r)). We deduce that p is a view function 
and that VC(p) C VC(po)- Finally VC(po) Q VC(p) since, for any play s, r s n € po implies 
r s n G p. □ 

Proposition B.10. Arenas and view functions give a category Q. 

Proof. The identity view function is a view function on A — >■ A (whose view closure is the 
identity strategy). If a is a view function on A — > B and r is a view function on B — > C, 
the composition of a and r is r VC(<r) ; VC(r) n which is r VC(p)~ l = p (for some view function 
p, by Lemmas IB . 91 and IB.7[) thus it is a view function. 

The identity view function is neutral for composition (we give only one side): 

a ; r id n = r VC(cr) ; VC( r id n ) n 

= r VC(cr ; id) n byLemmaEE] 

= r VC(<r) n 

= a by Lemma lB.71 



GAME SEMANTICS FOR FIRST-ORDER LOGIC 



19 




by Lemmas IB.9I and IB.8I 



= r VC( r VC(cr) ; VC(r) n ) ; VC(p) n 
= (a;r);p 



by Lemmas IB .91 and IB .81 



□ 



GR turns view functions into view functions, and thus defines a functor from Q to £?oo- 

Additional structure of this category is given by Theorem 12.201 (page fTTl) . We will prove 
it after a few lemmas (Theorem IB. 13|) . 

Lemma B.ll (Composition of //-rigid strategies). Let a : A — » B and r : B — >• C be two 
jjL-rigid strategies, a ; r is fi-rigid. 

Proof. We prove (by induction on its length) that any interaction sequence u on A, B and 
C, such that u \a-*b £ c, u \b-+c £ t, has its //-pointers given in a //-rigid way. If u is 
empty, the result is immediate, if the last move corresponds to a Player move of a, the result 
comes from the /i-rigidity of a and the same with r. As a consequence, the //-pointers in 
u \a-+C respect the //-rigidity. 

In a similar way, between two moves m and n (n Player move in A — > C) in A or C in 
u, the O-substitution induced by u identifies each ©-instantiation with the previous one in 
moves in B, and we deduce that the V- instantiation of n is the same as the O-instantiation 



Lemma B.12. Let a and r be two fi-rigid strategies on A, if GR(cr) = GR(t) then a = r. 

Proof. By symmetry, it is enough to show a C r. We prove by induction on the length of 
s that s € a entails s € r. The case of e is immediate. If smn € a, there exists tm'n' € r 
such that GR(smn) = GR(tm'n'). By induction hypothesis, s € r, thus by Lemma IB . 1 1 there 
exists an O-renaming q such that s = t?. We consider an O-renaming q* such that s = tq' 
and q' maps each 0-variable in the O-instantiation of m' to the corresponding O-variable in 
the 0-instantiation of m. We look at smn" = (tm'n')?' € r. We want to prove smn = smn". 
We have GR(smn) = GR(smn"), thus n and n" correspond to the same node in A and 
have the same justification pointer. Moreover they are //-rigid thus their //-pointers and 
instantiations are obtained in the same way. □ 

These two lemmas show that GR, restricted to the sub-category of Q given by //-rigid 
strategies, is faithful. 

Theorem B.13 (Control category of games). The category Q of arenas and view functions 
is a control category. 

Proof. Since Gqq is a control category [Lau05b] and GR preserves the various constructions 
on arenas and strategies (GR(A + B) = GR{A) + GR(5), GR(er + r) = GR(cr) + GR(r), 
GR{A x B) = GR(A) x GR(B), GR(a x r) = GR(ct) x GR(t), ...) as well as basic 
morphisms (such as associativity and commutativity of the constructions, which are //-rigid), 
any commutative diagram required in the definition of a control category and concerning 
only //-rigid strategies commutes in Q (by faithfulness of GR on //-rigid strategies) . 



of m. 



□ 
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The other properties are about the monoid structure (with respect to the pre-monoidal 
product) defined on each object and about cartesian closedness. They are not difficult to 



Lemma B.14. GR reflects totality and finiteness: GR(cr) is total if and only if a is total, 



Proposition B.15 (Composition of total finite strategies). The composition of two total 
finite strategies is a total finite strategy. 

Proof. Let a and r be two total finite strategies, a ; r is total finite iff GR(<7 ; r) is total 
finite (by Lemma IB. 14[) iff GR(ff) ; GR(r) is total finite. By the full completeness result 
of [DHR96| . GR(tr) and GR(r) are the interpretations of two simply typed A-terms M and 
N and GR(<r) ; GR(r) is the interpretation of Xx.(M)(N)x thus a total finite strategy. Q 

It would be possible to extend this categorical analysis of our game model by introducing 
a notion of first-order control hyperdoctrines (in the spirit of control hyperdoctrines [dL08j), 
and by proving our games to give such a first-order control hyperdoctrine. We do not think 
it would help a lot in the present work. 



check and left to the reader. 



□ 




□ 
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